Bonum Certa Men Certa

Links 5/12/2019: qBittorrent 4.2.0, Expensive Librem 5 and OpenBSD Bugs



  • GNU/Linux

    • Disney+ Now Works on Linux, No Workarounds Required

      Disney launched its new video streaming service in the USA and Canada last month to much hype and attention (it scores 10 million subscribers in the first day alone).

      But many Linux users in those countries who’d been hoping to tune in to watch shows like The Mandalorian and High School Musical: The Musical: The Series were left disappointed.

      For although rival streaming services like Netflix and Amazon Prime work “out of the box” on Linux in web browsers like Google Chrome and Mozilla Firefox, Disney+ didn’t.

    • There is no “Linux” Platform (Part 1)

      In our community there is this idea that “Linux” is the third platform next to Windows and macOS. It’s closely connected to things like the “year of the Linux desktop”, and can be seen in the language around things like Flatpak, which bills itself as “The Future of Apps on Linux” and the Linux App Summit, which is “designed to accelerate the growth of the Linux application ecosystem”.

      But what does that actually mean? What does a healthy app ecosystem look like? And why don’t we have one?

      I think the core of the problem is actually the layer below that: Before we can have healthy ecosystems, we need healthy platforms to build them on.

      [...]

      The reasons for this are largely historical. In the early days, free software desktops were a bunch of independently developed components. They were not necessarily designed for each other, or well integrated. This meant in order to have a usable system, someone needed to curate these components and assemble them into an operating system: The first distributions were born.

      Over the last decades this landscape has changed drastically, however. While GNOME 1 was a set of loosely coupled components, GNOME 2 was already much more cohesive and GNOME 3 is now essentially an integrated product. The shell, core apps, and underlying technologies are all designed with each other in mind, and provide a complete OS experience.

      Desktops like GNOME have expanded their scope to cover most of the responsibilities of platforms, and are in effect platforms now, minus the OS part. They have a very clear vision of how the system should work, and app developers target them directly.

      The elementary project has taken this development to its logical end point, and made its own vertically integrated OS and app store. This is why it’s the only “real” platform in the free software space at the moment.

    • Desktop/Laptop

      • 17 Stunning Winter Wallpapers for Desktop & Laptops

        And on the off chance you might be pining to do the same I’ve assembled a seasonable selection of HD winter wallpapers that are well suited for use on desktop PCs and laptops and tablets and Chromebooks and phones and you get the idea.

        All of the ice cold wallpapers below are sourced from unsplash.com. Unsplash is a terrific place to find high quality, royalty free photography that you can use in projects and apps and websites …and yes: as desktop wallpaper too.

        The images you see embedded below are compressed jpegs so use the links underneath to download a high-quality version direct from Unsplash (where you can also browse other images uploaded by the same artist).

      • Dell XPS 13 7390 Review: The Best Laptop For Desktop Linux Users

        Gone are the days when we had to do a lot of research and read a lot of reviews to find a machine that would work with the least amount of trouble with the desktop Linux distribution of choice. Today, almost every machine out there can run Linux. The kernel community has done an incredible job with device driver support to make everything work out of the box.

        Still, there are machines that can run Linux, and then there are machines that run Linux. Dell machines fall in the latter category. Five years ago, Barton George started a program within Dell to bring desktop Linux to consumer grade, high-end Dell systems. What started as one machine is now an entire line of high-end laptops and desktops.

        Among these machines, XPS 13 is my favorite. While I need a really powerful desktop to handle my 4K UHD, multicam video production, I also need an ultra-portable laptop that I can bring with me anywhere without having to worry about a bulky backpack and charger. XPS 13 was also my very first laptop, which lasted me more than 7 years. So, yes, there is that nostalgic factor, too.

      • Why choose Budgie for your Linux desktop

        No matter what desktop you use, there's always something you want to change about it. One of the most popular applications for the GNOME desktop is Tweaks, which contains all the preference settings left out of the GNOME Settings panel. The Solus Linux distribution features the Budgie desktop, which is best described as one great big GNOME tweak.

        You may find Budgie in a software repository, but more likely, you'll have to download and install Solus Linux to experience it. You can install it into a virtual machine, like GNOME Boxes.

      • Linux on the MAG1 8.9 inch mini-laptop (Ubuntu and Fedora)

        The Magic Ben MAG1 mini-laptop is a 1.5 pound notebook computer that measures about 8.2″ x 5.8″ x 0.7″ and which features an 8.9 inch touchscreen display and an Intel Core m3-8100Y processor.

        As I noted in my MAG1 review, the little computer also has one of the best keyboards I’ve used on a laptop this small and a tiny, but responsive trackpad below the backlit keyboard.

        Available from GeekBuying for $630 and up, the MAG1 ships with Windows 10, but it’s also one of the most Linux-friendly mini-laptops I’ve tested to date.

        [...]

        I did not install either operating system to local storage, so I cannot comment on sleep, battery life, fingerprint authentication, or other features that you’d only be able to truly test by fully installing Ubuntu, Fedora, or another GNU/Linux-based operating system. But running from a liveUSB is a good way to kick the tires and see if there are any obvious pain points before installing an operating system, and for the most part the two operating systems I tested look good to go.

        Booting from a flash drive is also pretty easy. Once you’ve prepared a bootable drive using Rufus, UNetbootin, or a similar tool, just plug it into the computer’s USB port, hit the Esc key during startup to bring up the UEFI/SETUP utility.

      • Top 10 technical skills that will get you hired in 2020

        Linux is a family of open source operating systems based on the Linux kernel, which serves as the core of a computer's operating system. The Linux kernel was first released by Linus Torvalds in 1991, and has exploded in popularity since then, powering both the Android mobile operating system and Chrome OS. Developers are free to use, download, or modify Linux to their own specifications, which contributes to its popularity and widespread usage.

    • Server

      • 10 skills every Linux system administrator should have

        I know what you're saying. You're saying, "Oh, great, someone else telling me that I need soft skills." Yes, that's what I'm telling you. Honing your interviewing skills can not only determine if you get a particular job, it can also be a major factor in the salary you get. It's true. Let's say, for example, that the salary range for a mid-level SA job is $56k to $85k per year. You might be fully qualified for the top of the range, but the company offers you $70k instead and mentions some nonsense about growth potential or they tell you that they'll bring you along when the time is right.

        You need to practice answering questions. Answer the question that's asked. Don't give so much information that you see eyes glazing over, but giving answers that are too short will make you appear arrogant or flippant. Give enough examples of your work to let the interviewer(s) know that you know what you're talking about. They can ask for more details if they want to.

        You have to learn to watch other people's behaviors. Are they listening to you? Are they focused on you and the interview? Do they look as though you haven't said enough when you pause to allow them to speak or ask another question? Watch and learn. Practice with other system administrators in your group. Do mock interviews with the group. I know it might sound silly, but it's important to be able to speak to other people about what you do. This practice can also be good for you in speaking with managers. Don't get too deep into the weeds with non-technical people. Keep your answers concise and friendly, and offer examples to illustrate your points.

      • IBM

        • Comparing Red Hat Ceph Storage 3.3 BlueStore/Beast performance with Red Hat Ceph Storage 2.0 Filestore/Civetweb

          This post is the sequel to the object storage performance testing we did two years back based on Red Hat Ceph Storage 2.0 FileStore OSD backend and Civetweb RGW frontend. In this post, we will compare the performance of the latest available (at the time of writing) Ceph Storage i.e. version 3.3 (BlueStore OSD backend & Beast RGW frontend) with Ceph Storage 2.0 version (mid-2017) (FileStore OSD backend & Civetweb RGW frontend).

          We are conscious that results from both these performance studies are not scientifically comparable. However, we believe that comparing the two should provide you significant performance insights and enables you to make an informed decision when it comes to architecting your Ceph storage clusters.

          As expected, Ceph Storage 3.3 outperformed Ceph Storage 2.0 for all the workloads that we have tested. We believe that Ceph Storage 3.3 performance improvements are attributed to the combination of several things. The BlueStore OSD backend, the Beast web frontend for RGW, the use of Intel Optane SSDs for BlueStore WAL, block.db, and the latest generation Intel Cascade Lake processors.

        • Red Hat: Leading the enterprise Linux server market

          Red Hat has long believed that the operating system should do more than simply exist as part of a technology stack; it should be the catalyst for innovation. Underpinning almost every enterprise IT advancement, from cloud services and Kubernetes to containers and serverless, is the operating system; frequently, this operating system is Linux. Red Hat is proud of the leadership position we have long maintained in the enterprise operating system market, providing the Linux foundation to drive enterprise IT innovation forward.

          Today, we’re pleased to continue this leadership, with a new report from IDC that includes data showing that Red Hat as the leading choice for paid Linux in the worldwide server operating environment market as well as a powerful player in server operating systems at-large.

          According to the report, "Worldwide Server Operating Environments Market Shares, 2018: Overall Market Growth Accelerates:"

        • Microservices-Based Application Delivery with Citrix and Red Hat OpenShift

          Citrix is thrilled to have recently achieved Red Hat OpenShift Operator Certification (Press Release). This new integration simplifies the deployment and control of the Citrix Application Delivery Controller (ADC) to a few clicks through an easy-to-use Operator.

          Before we dive into how you can use Citrix Operators to speed up implementation and control in OpenShift environments, let me cover the benefits of using the Citrix Cloud Native Stack and how it solves the challenges of integrating ingress in Kubernetes.

        • Wavefront Automates and Unifies Red Hat OpenShift Observability, Full Stack

          Red Hat OpenShift is an enterprise Kubernetes platform intended to make the process of developing, deploying and managing cloud-native applications easier, scalable and more flexible. Wavefront by VMware provides enterprise-grade observability and analytics for OpenShift environments across multiple clouds. Wavefront ingests, analyzes and visualizes OpenShift telemetry – metrics, histograms, traces, and span logs – across the full-stack, including distributed applications, containers, microservices, and cloud infrastructure.

          As a result of Wavefront’s collaboration with Red Hat, you can now get automated enterprise observability for OpenShift that’s full stack, through the Red Hat OpenShift Certified Wavefront Operator for OpenShift 4.1 and later. This Operator is available in Operator Hub embedded in OpenShift, a registry for finding Kubernetes Operator-backed services.

        • RHEL 8.1: A minor release with major new container capabilities

          The release of Red Hat Enterprise Linux 8.1 is a minor update to RHEL, but a major step forward with containers. The container-tools:rhel8 application stream has been updated with new versions of Podman, Buildah, Skopeo, runc, container selinux policies and other libraries. The core set of base images in Red Hat Universal Base Image (UBI) have been updated to 8.1, and UBI has expanded to include Go 1.11.5 as a developer use case. There are now 37 images released as part of UBI - they can all be seen on the UBI product page. Finally, we have released some really good updated documentation covering rootless, and other new features in the container-tools module.

          [...]

          When we launched Red Hat Universal Base Image at Red Hat Summit in 2019, we got a lot of great feedback. One of the first requests we received was for Golang. It is a popular programming language in the Cloud Native space, and we immediately recognized the value of adding it (also, I know what you’re thinking! Stay tuned and you might see OpenJDK images soon).

          With the update to RHEL 8.1, we have added the ubi8/go-toolset container to the UBI family. This gives users the ability to compile Go applications using a pre-packaged container with Go 1.11.5.

        • Red Hat’s CTO sees open-source as driver of choice and consistency in hybrid environments

          A case can certainly be made that Red Hat Inc. and the open-source movement have commoditized portions of the information technology infrastructure. A much wider range of tools and systems are now available to enterprises than ever before.

          This trend is just part of the open-source journey, one that Chris Wright (pictured), as the senior vice president and chief technology officer of Red Hat and a veteran Linux developer, has seen evolve over more than 20 years as a software engineer.

          “What we’re experiencing in the Linux space is, it’s driving a commoditization of infrastructure,” Wright said. “It’s switching away from the traditional vertically integrated stack of a [reduced instruction set computer]/Unix environment to providing choice. As infrastructure changes, it’s not just hardware, it’s virtualized data centers, it’s public clouds.”

        • Introduction to the Red Hat OpenShift deployment extension for Microsoft Azure DevOps
    • Audiocasts/Shows

      • 2019-12-04 | Linux Headlines

        Canonical announces Ubuntu Pro, Netflix open sources Metaflow, and Plex has a new streaming service.

      • New "Cooking With Linux" Intro, Built Using Kdenlive

        A couple of days ago, as I was editing a new "Cooking With Linux" video, I realized that the CWL intro I had been using for so long, one I paid some poor soul on Fiverr to make for me, had a Google Plus link as part of the video. As you might know, Google Plus hasn't been around for a while now, so I put aside my mostly completed video (Audacity for Editing Podcasts) and set about creating my own CWL intro. This is what I came up with. Feel free to comment, to tell me it sucks, to appreciate it, or whatever.

      • FLOSS Weekly 558: XWiki

        XWiki is a free wiki software platform written in Java with a design emphasis on extensibility. It includes WYSIWYG editing, OpenDocument based document import/export, semantic annotations and tagging, and advanced permissions management.

      • ZFS Rename Repo | BSD Now 327

        We read FreeBSD’s third quarterly status report, OpenBSD on Sparc64, ZoL repo move to OpenZFS, GEOM NOP, keeping NetBSD up-to-date, and more.

      • The Linux Link Tech Show Episode 836
    • Kernel Space

      • Linux 5.4.2

        I'm announcing the release of the 5.4.2 kernel.

        All users of the 5.4 kernel series must upgrade.

        The updated 5.4.y git tree can be found at:

        git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-5.4.y

        and can be browsed at the normal kernel.org git web browser:

        https://git.kernel.org/?p=linux/kernel/git/stable/linux-s...

      • Linux 5.3.15
      • Linux 4.19.88
      • Linux 4.14.158
      • Linux 4.9.206
      • Linux 4.4.206
      • LSM stacking and the future

        The idea of stacking (or chaining) Linux security modules (LSMs) goes back 15 years (at least) at this point; progress has definitely been made along the way, especially in the last decade or so. It has been possible to stack "minor" LSMs with one major LSM (e.g. SELinux, Smack, or AppArmor) for some time, but mixing, say, SELinux and AppArmor in the same system has not been possible. Combining major security solutions may not seem like a truly important feature, but there is a use case where it is pretty clearly needed: containers. Longtime LSM stacker (and Smack maintainer) Casey Schaufler gave a presentation at the 2019 Linux Security Summit Europe to report on the status and plans for allowing arbitrary LSM stacking.

        LSMs allow adding more restrictions to Linux than those afforded by the traditional security policies. For the most part, those policies reflect the existing mechanisms, such as permissions bits on files. But there are also other security concerns, such as binding to a network socket, that are outside of the usual permissions, so mechanisms to restrict access to them have been added to the LSM interface.

      • Some near-term arm64 hardening patches

        The arm64 architecture is found at the core of many, if not most, mobile devices; that means that arm64 devices are destined to be the target of attackers worldwide. That has led to a high level of interest in technologies that can harden these systems. There are currently several such technologies, based in both hardware and software, that are being readied for the arm64 kernel; read on for a survey on what is coming.

      • Keeping memory contents secret

        One of the many responsibilities of the operating system is to help processes keep secrets from each other. Operating systems often fail in this regard, sometimes due to factors — such as hardware bugs and user-space vulnerabilities — that are beyond their direct control. It is thus unsurprising that there is an increasing level of interest in ways to improve the ability to keep data secret, perhaps even from the operating system itself. The MAP_EXCLUSIVE patch set from Mike Rapoport is one example of the work that is being done in this area; it also shows that the development community has not yet really begun to figure out how this type of feature should work. MAP_EXCLUSIVE is a new flag for the mmap() system call; its purpose is to request a region of memory that is mapped only for the calling process and inaccessible to anybody else, including the kernel. It is a part of a larger address-space isolation effort underway in the memory-management subsystem, most of which is based on the idea that unmapped memory is much harder for an attacker to access.

        Mapping a memory range with MAP_EXCLUSIVE has a number of effects. It automatically implies the MAP_LOCKED and MAP_POPULATE flags, meaning that the memory in question will be immediately faulted into RAM and locked there — it should never find its way to a swap area, for example. The MAP_PRIVATE and MAP_ANONYMOUS flags are required, and MAP_HUGETLB is not allowed. Pages that are mapped this way will not be copied if the process forks. They are also removed from the kernel's direct mapping — the linear mapping of all of physical memory — making them inaccessible to the kernel in most circumstances.

        The goal behind MAP_EXCLUSIVE seems to have support within the community, but the actual implementation has raised a number of questions about how this functionality should work. One area of concern is the removal of the pages from the direct mapping. The kernel uses huge pages for that mapping, since that gives a significant performance improvement through decreased translation lookaside buffer (TLB) pressure. Carving specific pages out of that mapping requires splitting the huge pages into normal pages, slowing things down for every process in the system. The splitting of the direct mapping in another context caused a 2% performance regression at Facebook, according to Alexei Starovoitov in October; that is not a cost that everybody is willing to pay.

        Elena Reshetova indicated that she has been working on similar functionality; rather than enhancing mmap(), her patch provides a new madvise() flag and requires that the secret areas be a multiple of the page size. Her version will eventually wipe any secret areas before returning the memory to general use in case the calling process doesn't do that.

      • F2FS File-System Gets More Fixes With Linux 5.5

        The Flash-Friendly File-System continues to be refined and with the forthcoming Linux 5.5 kernel are more improvements albeit largely bug fixes.

        F2FS in Linux 5.5 improves the in-place updating I/O flow, ensures no garbage collection for pinned files, avoids a needless data migration within the garbage collection code, fixes a potential memory leak, and has a number of other fixes.

      • Netflix: BPF is a new type of software we use to run Linux apps securely in the kernel

        There's growing interest in a new type of software for Linux machines called BPF, which allows the user to run a program in the kernel and enjoy "observability super powers", according to Brendan Gregg, a senior performance architect at Netflix.

        BPF isn't something an average computer user would know about or even use, but for network and software engineers it promises value. At Facebook, for example, engineers use BPF as part of a network load balancer.

        Facebook software engineer Alexei Starovoitov is credited with creating Extended BPF, which is now used in Android for collecting statistics from the kernel, monitoring, or debugging. And Google is using it as part of its Kernel Runtime Security Instrumentation to improve detection of security threat signals, such as a kernel module that loads and hides itself.

      • Graphics Stack

        • mesa 19.3.0-rc6
          Hi list,
          
          

          Available today is mesa 19.3.0-rc6. Things are starting to slow down, and there are now only two open issues in the 19.3 milestone, so I'm hopeful that next week will bring 19.3.0 final, and not an rc7, but I can always be surprised.

          By far radv + aco dominate the list of changes, but there's also changes to anv, panfrost, core gallium, fixes for OpenBSD, iris, and nir.

          Dylan

          Shortlog ========

          Bas Nieuwenhuizen (2): radv: Unify max_descriptor_set_size. radv: Fix timeline semaphore refcounting.

          Boris Brezillon (2): gallium: Fix the ->set_damage_region() implementation panfrost: Make sure we reset the damage region of RTs at flush time

          Christian Gmeiner (1): etnaviv: remove dead code

          Daniel Schürmann (2): aco: don't split live-ranges of linear VGPRs aco: fix a couple of value numbering issues

          Dylan Baker (1): VERSION: bump version for 19.3-rc6

          Jason Ekstrand (1): anv: Set up SBE_SWIZ properly for gl_Viewport

          Jonathan Gray (2): winsys/amdgpu: avoid double simple_mtx_unlock() i965: update Makefile.sources for perf changes

          Jordan Justen (1): iris: Allow max dynamic pool size of 2GB for gen12

          Kenneth Graunke (2): driconf, glsl: Add a vs_position_always_invariant option drirc: Set vs_position_always_invariant for Shadow of Mordor on Intel

          Rhys Perry (5): aco: propagate p_wqm on an image_sample's coordinate p_create_vector aco: fix i2i64 aco: add v_nop inbetween exec write and VMEM/DS/FLAT radv: set writes_memory for global memory stores/atomics nir/lower_io_to_vector: don't create arrays when not needed

          Samuel Pitoiset (2): radv: fix enabling sample shading with SampleID/SamplePosition radv/gfx10: fix implementation of exclusive scans

          git tag: mesa-19.3.0-rc6
        • Mesa 19.3 Might Release Next Week But For Now There's RC6 With Several ACO+RADV Fixes

          Mesa 19.3 continues running behind schedule but stands chances for releasing next week if the lingering blocker bugs are closed.

          Mesa 19.3-RC6 was released today as the newest weekly release candidate and it brought with it several random RADV fixes, a number of ACO compiler back-end fixes that also benefit RADV, a few Gallium3D fixes, an Intel Iris Gen12 fix, and a workaround for Shadow of Mordor on Intel graphics.

        • Mesa Devs Discuss Potentially Dropping Non-Gallium Drivers Or Forking Code For Gallium

          Longtime open-source AMD graphics driver developer Marek Olšák has kicked off a discussion over the possibility in the not too distant future of either dropping non-Gallium3D drivers from Mesa (and moving them off to a maintenance branch or the like) or forking some of Mesa's existing code to allow it to be better optimized for Gallium3D use-cases. Due to raised concerns, other possibilities are also being expressed like simply moving ahead with optimizing the Mesa code-base for Gallium3D at a cost of potentially hitting dead code more often with the classic drivers.

          As it stands now, the only relevant non-Gallium3D driver in the Mesa code-base is Intel i965. While that's currently the default Intel driver, for Broadwell "Gen8" graphics and newer they will be transitioning to their new Iris Gallium3D driver by default expected to happen for Mesa 20.0. The i965 driver will still be around for Haswell and older generations to come -- either within mainline Mesa or some maintenance branch. As part of this new Mesa discussion was a hypothetical comment about creating a new Intel Gallium3D driver for Haswell and older, but that's extremely unlikely to happen and was just brought up as a matter of being thorough. There aren't the extra resources available to create an Intel Gallium3D driver for aging Haswell and older hardware plus that it would likely take around a year to develop and even longer before reaching performance parity to i965.

        • Remove classic drivers or fork src/mesa for gallium?
          Hi,
          
          

          Here are 2 proposals to simplify and better optimize the GL->Gallium translation.

          1) Move classic drivers to a fork of Mesa, and remove them from master. Classic drivers won't share any code with master. glvnd will load them, but glvnd is not ready for this yet.

          2) Keep classic drivers. Fork src/mesa for Gallium. I think only mesa/main, mesa/vbo, mesa/program, and drivers/dri/common need to be forked and mesa/state_tracker moved. src/gallium/state-trackers/gl/ can be the target location.

          Option 2 is more acceptable to people who want to keep classic drivers in the tree and it can be done right now.

          Opinions?

          Thanks, Marek
        • Mir 1.6 Released With New Wayland, DispmanX Platform Support

          Mir 1.6 is out today with the latest batch of features for this Ubuntu-focused display server that offers Wayland client compatibility.

          The two big additions to Mir 1.6 are on the graphics platform front. First, there is now a "Wayland platform" for running Mir as a nested compositor on top of a Wayland compositor. Secondly, the rpi-dispmanx platform is for Broadcom's DispmanX API.

        • Before Ending 2019, Vintage SiS X.Org Driver Sees A New Release

          xf86-video-sis 0.12.0 is available this week as a new version of the SiS display driver for X.Org systems in supporting Silicon Integrated Systems' display hardware.

          This X.Org user-space mode-setting driver has seen its first update in four months but prior to that it hadn't seen any update to the open-source code in three years.

        • RadeonSI Lands SDMA Copy Support For Vega/GFX9

          The RadeonSI Gallium3D driver has finally landed SDMA copy support for Vega/GFX9 graphics hardware, which should principally benefit compute shaders and other cases.

        • AMD's GPUOpen Releases Vulkan Memory Allocator 2.3

          AMD's GPUOpen team has released their first official update to the open-source Vulkan Memory Allocator project in nearly one year.

          Vulkan Memory Allocator is an easy-to-use Vulkan memory allocation library that in the two and a half years since being open-sourced has been picked up for use by multiple games/engineers, Vulkan code samples, and other projects.

        • Chromium's Ozone Wayland Back-End Is Now Considered Beta, Aiming To Ship Next Year

          For years there has been work on a Wayland back-end to Ozone, the Google component for abstracting user-interface elements and input/window handling among other tasks across platforms. It looks like in 2020 the Ozone Wayland support will be in good standing and promoted out of beta.

          We were tipped off to a recent presentation by Igalia's Alexander Dunaev on their work contributing to the Ozone Wayland code. From consulting firm Igalia's perspective, they have been focused on bringing up Ozone Wayland support in the embedded Linux context considering the number of consumer devices now shipping that use Wayland and Chromium or CEF. But all their embedded Linux work for Ozone Wayland also benefits the Linux desktop.

        • Mesa Developers Weigh Renaming Gallium "State Tracker" To "API"

          Gallium3D state tracker terminology has been around a decade now in referring to the portions of the architecture that are ultimately implementing various graphics / compute / video APIs. Marek proposed keeping the Mesa OpenGL state tracker term but in renaming the other state trackers to being "API implementations" as that terminology is technically more accurate for the likes of Clover OpenCL, VA-API, VDPAU, and the other state trackers / APIs implemented.

        • Lima Gets Tiling While Vulkan Turnip Lands SSBO + Compute Shaders

          The Lima Gallium3D driver that supports older Mali 400/450 hardware with an open-source OpenGL driver hasn't been seeing too many improvements these days compared to the likes of the Panfrost Gallium3D driver for the newer Arm Mali Bifrost/Midgard architectures. But hitting Mesa 20.0-devel yesterday was tiling support for Lima. This should improve the performance for this open-source Mali driver and also end up working around the driver's broken mipmapping support for linear textures.

        • Libinput 1.15 Is On Approach With Various Improvements/Fixes For Linux Input Handling

          Peter Hutterer has been preparing libinput 1.15 as the next update to this open-source input handling library used by Linux systems both on X.Org and Wayland.

          Compared to past releases that have seen exciting changes on supporting new input devices like the Dell Totem, scrolling enhancements, and other major additions, there isn't too much of that with libinput 1.15.

    • Benchmarks

      • NVIDIA GeForce GTX 1650 SUPER Linux Performance

        For those looking to spend less than $200 USD on a graphics card, the recently launched NVIDIA GeForce GTX 1650 SUPER offers great value starting at $159 USD and working well with the NVIDIA Linux driver for providing decent 1080p Linux gaming performance as well as OpenCL / CUDA support. Here are benchmarks of the GTX 1650 SUPER alongside a total of 18 lower-end/mid-range AMD Radeon and NVIDIA GeForce graphics cards on Ubuntu Linux.

        The NVIDIA GeForce GTX 1650 SUPER features 1280 CUDA cores, a reference 1530MHz base clock, 1725MHz boost clock, 4GB of GDDR6 video memory on a 128-bit bus, and other common NVIDIA Turing GPU features sans this being a GTX part and not RTX thus no RT cores.

      • An Extensive Look At The AMD Naples vs. Rome Power Efficiency / Performance-Per-Watt

        Since the AMD EPYC 7002 "Rome" series launch in August we have continue to be captivated by the raw performance of AMD's Zen 2 server processors across many different workloads as covered now in countless articles. The performance-per-dollar / TCO is also extremely competitive against Intel's Xeon Scalable line-up, but how is the power efficiency of these 7nm EPYC processors? We waited to deliver those numbers until having a retail Rome board for carrying out those tests and now after that and then several weeks of benchmarking, here is an extensive exploration of the AMD EPYC 7002 series power efficiency as well as a look at the peak clock frequencies being achieved in various workloads to also provide some performance-per-clock metrics compared to Naples.

    • Applications

      • qBittorrent 4.2.0 Adds Support For Libtorrent 1.2, New Features

        qBittorrent 4.2.0 was released recently featuring support for libtorrent 1.2, some minor new features, as well as WebUI updates.

        qBittorrent is a free and open source BitTorrent client for Windows, macOS, OS/2, Linux and FreeBSD, written in C++ (Qt) and Python (for its optional search engine). It comes with a Qt GUI, but it can also be used on a headless server, without requiring the X window system -- in both GUI and headless mode you can remote control it through its web user interface.

        The application comes with pretty much everything you'd need in a BitTorrent client, from sequential downloading and bandwidth scheduling to a torrent creation tool, anonymous mode, integrated search engine, RSS feed reader and downloader with advanced filters, IP filtering, and of course support for DHT, PeX, encrypted connections, LSD, UPnP and NAT-PMP port forwarding support, €µTP, magnet links, private torrents and more.

      • qBittorrent 4.2 Released! How to Install in Ubuntu

        qBittorrent bittorrent client released new stable version 4.2.0 a few days ago. Here’s how to install it in Ubuntu 18.04, Ubuntu 19.04, and Ubuntu 19.10.

      • Polo – A Modern Light-weight File Manager for Linux

        Polo is a modern, light-weight and advanced file manager for Linux, that comes with a number of advanced features that are not present in many commonly used file managers or file browsers on Linux distributions.

        It comes with multiple panes with multiple tabs in each pane, support for archive creation, extraction and browsing, support for cloud storage, support for running KVM images, support for modifying PDF documents and image files, support for writing ISO files to UDB drives and much more.

    • Instructionals/Technical

    • Games

      • Ciel Fledge, an intriguing post-apocalypse daughter raising sim releases next year

        It's 3716 and most of humanity lives on the floating city, ARK-3, to get away from a colossal alien threat that almost caused our extinction. Amongst all the chaos, a mysterious young girl is found and that's where you come in.

        Ciel Fledge is a game about raising an adopted daughter in a future world that still has hope. One we took a look at some time ago and it finally has a release date. Studio Namaapa and PQube Limited have announced it's releasing on February 21, 2020.

      • Slender Threads, a new point & click adventure thriller announced

        From the developer behind the rather amusing Nobodies and Kelvin and the Infamous Machine, Blyts just announced their new adventure thriller Slender Threads.

        In Slender Threads you will guide the protagonist, Harvey Green, an unremarkable travelling salesman through the scenic yet empty community of Villa Ventana. While nefarious, unseen forces exert increasingly more sway over him and the town's residents.

      • Retro styled strategic fleet defence game XO has entered Early Access

        In the space strategy game XO, you take command of the last remaining Battleship as you attempt to gather a fleet in a desperate bid to save humanity.

        Sound a bit like Battlestar Galactica? Well, it should. The team said they were actually inspired by Battlestar Galactica, The Lost Fleet series, and games like FTL. Jumpdrive Studios ran a successful Kickstarter campaign for it back in 2015, so it's been a while in the making.

      • Add jumping to your Python platformer game

        In the previous article in this series, you simulated gravity, but now you need to give your player a way to fight against gravity by jumping.

        A jump is a temporary reprieve from gravity. For a few moments, you jump up instead of falling down, the way gravity is pulling you. But once you hit the peak of your jump, gravity kicks in again and pulls you back down to earth.

        In code, this translates to variables. First, you must establish variables for the player sprite so that Python can track whether or not the sprite is jumping. Once the player sprite is jumping, then gravity is applied to the player sprite again, pulling it back down to the nearest object.

      • Trip the Ark Fantastic, a colourful story-driven adventure set in the Animal Kingdom announced

        An adventure through the Animal Kingdom in Trip the Ark Fantastic, announced today from Croatian developer Gamechuck.

        It's a story-driven adventure game set in the Animal Kingdom on the verge of both industrial and social revolution. It seems to put a new spin on the story of Noah's Ark, except this time the ancient myth here is that the ark was built by lions millennia ago to save all animals from a great flood. The story follows Charles, a hedgehog scholar on a mission by the lion king to save the monarchy, but his decisions could end up helping reformists or even to bring about anarchy.

      • Stadia Live Streaming with Farming Simulator 19

        No, I don't know anything about this game and yes, it's my first time playing.

      • The big Rocket League update that kicked out loot boxes is now live

        Psyonix have given loot boxes the boot in the latest update to Rocket League, with a new Blueprint and Item Shop system. There's a whole lot more to it too.

        Instead of loot boxes, they now have a Blueprint system where you know what the item is and so there's no gambling involved. These Blueprints can drop after an online match.

      • Motion Twin announce The Bad Seed expansion for Dead Cells

        The first paid DLC is on the way for Dead Cells, with Motion Twin hoping The Bad Seed will help their spin-off company Evil Empire continue pushing out further free content updates.

        Sounds like they've been seriously busy (announcement here). With The Bad Seed DLC releasing in "Q1" next year, they've said it will be around $5 and since they've been doing quite meaty free updates for a while, it seems quite reasonable. If things go well with this DLC, they said they're aiming for at least another two years of free content updates for everyone to the base game.

      • Fedora 31 : Lutris the Open Source gaming platform for Linux.

        Lutris is an Open Source gaming platform for Linux. It installs and launches games so you can start playing without the hassle of setting up your games. Get your games from GOG, Steam, Battle.net, Origin, Uplay and many other sources running on any Linux powered gaming machine.

    • Desktop Environments/WMs

      • Switching from Gnome to a tiling window manager

        After having thought about it since "forever", I finally decided to switch to a tiling window manager. I went with sway since it runs on wayland and since it seems to be the recommended "wayland version of i3", a tiling window manager that many of my tech friends use ;)

        After a few days of using sway, I'm pretty sure that I won't switch back anytime soon. It feels super convenient to have all windows tiled on the screen and being able to rearrange and resize them easily with a few keyboard shortcuts.

        There's still some things that didn't work instantly, so I'll try to document them here in hope that it's useful to others.

    • Distributions

      • Screenshots/Screencasts

      • SUSE/OpenSUSE

        • Yes We Do it Again: SUSE Doc Day at SUSECON 2020

          A Doc Day is a time when a group of people gathers to collaborate on writing documentation on one or more given topics. The main premise for our Doc Day is to get a group of interested people – YOU – in a room together and have you work towards shared goals. To help you feel more comfortable, we will give a short overview of our documentation, how we usually work, and how you can contribute. Of course, you cannot write entire manuals or guides in one single day. But you can help us to improve existing documentation by reviewing, editing and updating it. In addition, we will use the Doc Day to kick-off the creation of new guides and papers for topics that you think are not yet covered (well enough).

        • openSUSE Board election 2019-2020 – Call for Nominations, Applications

          Two seats are open for election on the openSUSE Board. Gertjan Lettink completed his second term. Simon Lees completed his first term and thus he is eligible to run as a Board candidate again should he wish to do so.

        • status.opensuse.org updated

          Our infrastructure status page at https://status.opensue.org/ is using Cachet under the hood. While the latest update brought a couple of bugfixes it also deprecated the RSS and Atom feeds, that could be used to integrate the information easily in other applications.

          While we are somehow sad to see such a feature go, we also have to admit that the decision of the developers is not really bad - as the generation of those feeds had some problems (bugs) in the old Cachet versions. Instead of fixing them, the developers decided to move on and focus on other areas. So it's understandable that they cut off something, which is not in their focus, to save resources.

        • SSL cipher updates

          Sometimes it's a good idea to follow best practices. This is what we did by following the recommendations for "general-purpose servers with a variety of clients, recommended for almost all systems" from https://ssl-config.mozilla.org/.

      • Fedora Family

        • Fedora 29 Officially Reached End of Life (EOL) on November 26th 2019

          Fedora 29 has officially reached End of Life (EOL) effective on November 26th 2019.

          Users are advised to upgrade the latest release of Fedora 30 or Fedora 31, which was released on October 29, 2019.

          It’s a good time to upgrade your system as this EOL version repositories won’t be get any updates from the Fedora community.

          I mean to say, no updates will be pushed to any of the Fedora 29 repositories going forward such as security, bugfix, or enhancement updates.

          Also, they won’t add anymore new packages to Fedora 29 repositories.

          It means, we shouldn’t run EOL operating system because we won’t be getting any benefits from the community.

          It’s very risk and leads to face some security related issues when we run the EOL operating system.

        • PHP version 7.2.26RC1 and 7.3.13RC1

          RPM of PHP version 7.3.13RC1 are available as SCL in remi-test repository and as base packages in the remi-test repository for Fedora 30-31 or remi-php73-test repository for Fedora 29 and Enterprise Linux.

          RPM of PHP version 7.2.26RC1 are available as SCL in remi-test repository and as base packages in the remi-test repository for Fedora 29 or remi-php72-test repository for Enterprise Linux.

        • Heroes of Fedora (HoF) – F31 Final

          Hello fellow testers, welcome to the Fedora 31 Final installation of Heroes of Fedora! In this post, we’ll look at the stats concerning the testing of Fedora 31 Final. The purpose of Heroes of Fedora is to provide a summation of testing activity on each milestone release of Fedora. Without community support, Fedora would not exist, so thank you to all who contributed to this release! Without further ado, let’s get started!

      • Debian Family

        • Debian GNU/Linux 11 "Bullseye" Installer Is Now Available for Public Testing

          Unveiled earlier this year during the DebConf19 conference, Debian GNU/Linux 11 "Bullseye" will be the next major release of the acclaimed Linux-based operating system used by millions of computer users around the globe. It's development kicked off a few months ago, so now it's time to test drive the very first alpha build of the Debian Bullseye Installer.

          "It's high time we started doing this: many components were updated, replacing “CD”/“CD-ROM” with “installation media”. Such changes are not documented individually below. That also explains why many languages are not fully translated in this alpha release," said Cyril Brulebois on behalf of the Debian release team.

        • Molly de Blanc: Free software activities (November 2019)

          November brings two things very demanding of my time: Thanksgiving and the start of fundraising season.

          [...]

          Debian is having a GR. I’ve been following the development of proposals and conversation, which is basically a part time job in and of itself.

      • Canonical/Ubuntu Family

        • Canonical Reveals Ubuntu Pro Linux ISO Images for AWS

          Canonical, the maker of famous Linux OS Ubuntu, has got an offer for Amazon’s AWS users. AWS users are mostly deploying Ubuntu as their major software on AWS servers for additional benefits over Windows. This modified Linux OS can be more flexible in options that help businesses to craft their operations accordingly in a much better way.

          This new release will be offered to cloud and enterprise businesses relying on AWS. There’s a standard Amazon Machine Images (Amazon AMIs) of Ubuntu that’s available in AWS Region already, yet there’s an introduction of Ubuntu’s Pro Images now. This new pack is an optimized version of the standards.

        • Ubuntu Pro arrives on AWS Marketplace with added security benefits

          Canonical has made Ubuntu Pro images available on the AWS marketplace.

          They are present in three flavors – Ubuntu 14.04 LTS, 16.04 LTS and 18.04 LTS – and these are premium images designed for businesses which come with important security and compliance features automatically enabled, not to mention extended maintenance.

          [...]

          On the compliance front, Ubuntu Pro offers: “Customized FIPS and Common Criteria EAL-compliant components for use in environments under compliance regimes such as FedRAMP, PCI, HIPAA and ISO.”

          There’s also integration with various AWS security and compliance features, including the AWS Security Hub – although that won’t be available until the first quarter of next year.

        • Canonical now offers AWS optimized Ubuntu Linux

          When it comes to cloud operating system popularity, Ubuntu Linux is, by far, the most popular operating system on Amazon Web Services (AWS). According to the Cloud Market's latest analysis of operating systems on the Amazon Elastic Compute Cloud (EC2), Ubuntu has over 364,000 images with only generic Linux images surpassing it. Now, Canonical, Ubuntu's parent company, is seeking to further its domination by offering premium Ubuntu Pro Linux images to Amazon Web Services (AWS).

        • Canonical drops optimized Ubuntu Pro images on AWS

          Ubuntu Linux is already the most popular cloud operating system on Amazon Web Services Inc.’s cloud, but Canonical Ltd., the company that develops it, is hoping to extend its dominance by offering “premium” Ubuntu Pro Linux images to AWS users.

          The new Ubuntu Pro images are supported on the Amazon Elastic Compute Cloud and cover the three most recent long-term releases, including Ubuntu 14.04 LTS, Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. Further, they enable enterprises to purchase longer updates and security maintenance, as well as broader security coverage, with no contract needed.

        • Canonical Releases ‘Ubuntu Pro’ Linux Images for Amazon Web Services

          As far as cloud operating systems is concerned, Ubuntu Linux is, by far, the most popular one on Amazon Web Services (AWS). Now, Ubuntu’s parent company Canonical is trying to extend its dominance even further by offering premium Ubuntu Pro Linux images to AWS users.

          Ubuntu Pro has been created exclusively for Amazon Web Services and caters to the ever-growing needs of cloud and enterprise customers.

        • [Canonical on] The mundane revolution: Unexpected innovations in robotics

          Today’s headlines tend to focus on the weird and wonderful robots of this world: the Hollywood Terminators or mechanical dogs developed by Boston Dynamics and other Silicon Valley start-ups.

          The greatest innovations, however, can often be found in the more mundane corners of our society, within the industries and environments people least expect.

          It’s happened with medicine and the discovery of penicillin, for example, while Archimedes had his eureka moment in the bath.

          Robotics is no different. Its true value as a proposition will only reveal itself when we take the obvious with the sublime, and do not overlook the sublime simpler uses of robots, already active in the market today.

        • Snapcraft now auto-detects missing dependencies

          When you build snaps, the process of composing a complete snapcraft.yaml file will usually revolve around three main activities: parts, build requirements and runtime components. Sometimes, you may discover that you’re missing certain libraries in the compilation stage, or that they are required for your application to run. In most cases, you will iterate on your build a few times, and perhaps use our faster development guide to quickly nail down the missing elements.

          From snapcraft release 3.7 onward, things have become ever so easier. Now, it is possible to have snapcraft automatically detect and list missing runtime libraries, and allow you to complete your build with fewer errors and in less time.

    • Devices/Embedded

      • Rock Pi N10 SBC delivers AI-enhanced RK3399Pro starting at $99

        Radxa’s “Rock Pi N10” SBC runs Debian or Android 8.1 on an RK3399Pro for $99 (4GB RAM/16GB eMMC), $129 (6GB/32GB), or $169 (8GB/64GB), with the RAM split between the 6x CPU cores and the up to 3-TOPS NPU. The SBC is built around a Vamrs VMARC RK3399Pro SoM.

        Radxa has gone to Seeed to launch an open-spec, community-backed Rock Pi N10 SBC with an AI-enabled Rockchip RK3399Pro SoC delivered via Vamrs’ VMARC RK3399Pro SoM compute module. While the RK3399Pro is essentially a hexa-core RK3399 that adds an up to 3-TOPS NPU, the Rock Pi N10 is not just a Rock Pi 4 with an updated Pro SoC. Unlike that RK3399-based Raspberry Pi pseudo-clone, the Rock Pi N10 is a sandwich-style 100 x 100mm board. Despite the larger size, the feature set is very similar.

      • The Nest Box: DIY Springwatch with Raspberry Pi

        Last week, lots and lots of you shared your Raspberry Pi builds with us on social media using the hashtag #IUseMyRaspberryPiFor. Jay Wainwright from Liverpool noticed the conversation and got in touch to tell us about The Nest Box, which uses Raspberry Pi to bring impressively high-quality images and video from British bird boxes to your Facebook feed.

      • SBCs and compact embedded PCs run Linux on Ryzen Embedded

        EEPD’s Linux-ready “ProFive NUCR” SBC and “Box-NUCR” embedded PC based on it are built around AMD’s Ryzen Embedded R1000 SoC. The products follow the similar, but V1000-based ready “ProFive NUCV” and “Box-NUCV” released earlier this year.

        In mid-November, EEPD (or E.E.P.D.) announced an AMD Ryzen Embedded R1000 based Box-NUCR embedded computer built in Germany that runs Ubuntu. The Box-NUCR, which is based on a separately available ProFive NUCR SBC, was promoted this week by AMD as part of an Ryzen Embedded open ecosystem of R1000 and V1000-based mini-PCs and compact embedded computers that also includes new OnLogic and ASRock systems. AMD’s ecosystem encompasses a similar Ryzen Embedded V1000 based Box-NUCV and ProFive NUCV SBC that were announced in February (see farther below.)

      • Grove Sensors For Raspberry Pi

        Raspberry Pi is a great invention that ever happened. The little $35 computer can be used to build from a cam kit to the future of kids in rural India. To learn more about what this little device can do or has done, read this article I wrote a while back.

        You can also visit Raspberry Pi’s official page and see how Raspberry Pi is being used for research and education.

        In this article, I will also use Raspberry Pi to create something very interesting and useful. I am going to use Grove Sensors with Raspberry Pi and monitor the environment around the device, for example, temperature, air pollution, and water, etc.

      • The Yocto Project 3.0 release

        The Yocto Project recently announced its 3.0 release, maintaining the spring/fall cadence it has followed for the past nine years. As well as the expected updates, it contains new thinking on getting the best of two worlds: source builds and prebuilt binaries. This fits well into a landscape where reproducibility and software traceability, all the way through to device updates, are increasingly important to handle complex security issues. This update contains the usual things people have come to expect from a Yocto Project release, such as upgrades to the latest versions of many of the software components including GCC 9.2, glibc 2.30, and the 5.2 and 4.19 kernels. But there is more to it than that.

        One major development in this release was the addition of the ability to run the toolchain test suites. The project is proud of its ability to run builds of complete Linux software stacks for multiple architectures from source, boot them under QEMU, and run extensive software tests on them, all in around five hours. In that time we can now include tests for GCC, glibc, and binutils on each of the principal architectures. As a result, the test report for the release now has around two-million test results.

      • Purism

      • Purism Announces "Made in USA" Librem 5 Linux Phone, Now Available for Pre-Order

        It's a known fact that Purism has done everything they could to make the Librem 5 the most secure and private smartphone on the market, but the fact of the matter that it's not built in the United States of America might not please some customers.

        As such, the company, which is known for their security- and privacy-focused Linux-based laptops and phones, is now offering a special Librem 5 version manufactured in the US, with components made in the USA, in the same US facility where the Librem 5 devkits and Librem Key were built.

        "Having a secure auditable US based supply chain including parts procurement, fabrication, testing, assembly, and fulfillment all from within the same facility is the best possible security story," said Todd Weaver, Founder and CEO of Purism. "By moving the supply chain into the same facility complex as our assembly and fulfillment center, we can directly oversee each stage of the production."

      • Librem 5 USA

        We continue to enjoy seeing the reactions from customers who have received their Librem 5 units from the Birch batch. Now that Birch is out and we continue to make progress on the Librem 5 (with more updates to come!), we are excited to be able to reveal another important project we have been working on for many months. Purism now offers an important Librem 5 option for our customers that have particular concerns around security and the supply chain.

        We are committed to constantly improving the security of our products. One concern we hear repeatedly from our customers is over attacks in the hardware and software supply chain. We have written about the importance of protecting the digital supply chain before, and as we grow we continue to find new opportunities to further strengthen the security of our own supply chain, including most recently by offering the PureBoot Bundle–tamper-evident firmware straight from our facility.

        While we continue to improve the security of our Librem laptops, we also recognize that one of the most important computers many people own is their smart phone. This is the device you carry with you everywhere you go and likely has some of your most sensitive and personal data–it’s the device most at risk from a security and privacy standpoint. If there’s any device that should have as secure of a supply chain as possible, it’s a phone. Our experience in making our Librem 5 devkits in the USA and most recently moving Librem Key production to the same US facility has led to today, where we are excited to announce a new USA-produced version of the Librem 5 phone!

      • Purism Announces Librem 5 "USA" Model For $1999 USD

        Purism announced today a Librem 5 USA model of their smartphone that has the same specifications and features of their Librem 5 Linux smartphone but manufactured in the US. That pushes the 720x1440 display, i.MX8M, 3GB RAM, 32GB eMMC, 802.11n device from $699 USD to $1,199 USD. Update: Errr the price was raised now apparently to $1999 USD.

        They announced the Librem 5 USA model today at the $1199 USD price point (or $1999 USD if their latest edit is accurate) but won't begin shipping until Q3'2020. The device will eventually be made at the same USA facility that makes their Librem Key and the former Librem 5 developer kits.

        • coreboot 4.11: Leaving No Librem Behind

          One of Purism’s core beliefs is to ensure that to the best of our ability, all new features, fixes, and improvements will be applied to all products, past and present.

        • Purism Closes $2.5m Note Series

          Purism as a Social Purpose Company (SPC) ensures the rights of humanity by creating products that fully respect people, and that mission has garnered a lot of attention and growth. One of the reasons Purism registered as an SPC was so that we could accept inbound investment without the risk that a toxic investor could force us to violate our values for profit (a common problem in C corporations). As a social purpose company Purism enshrines in its articles of incorporation that we must do what is good for society, therefore avoiding any and all toxic funding by virtue of the strictness of those articles.

          Funding growth—in addition to the triple-digit (yes that is over doubling) shipped revenue growth year-over-year since 2014 that Purism has been fortunate to see—can come in many forms, be that inventory financing, lines of credit, investment, and equity financing, to name a few.

    • Mobile Systems/Mobile Applications

  • Free, Libre, and Open Source Software

    • Events

      • A recap of KVM Forum 2019

        The 13th KVM Forum virtualization conference took place in Lyon, France in October 2019. One might think that development may have finished on the Kernel Virtual Machine (KVM) module that was merged in Linux 2.6.20 in 2007, but this year's conference underscored the amount of work still being done, particularly on side-channel attack mitigation, I/O device assignment with VFIO and mdev, footprint reduction with micro virtual machines (VMs), and with the ability to run VMs nested within VMs. Many talks also involved the virtual machine monitor (VMM) user-space programs that use the KVM kernel module—of which QEMU is the most widely used.

      • Enhancing KVM for guest protection and security

        A key tenet in KVM is to reuse as much Linux infrastructure as possible and focus specifically on processor virtualization. Back in 2007, this meant a smaller code base and less friction with the other kernel subsystems, especially when compared with other virtualization technologies such as Xen. This led to KVM being merged into the mainline with relative ease.

        But now, in the era of microarchitectural vulnerabilities, the priorities have shifted, and the KVM's reliance on other kernel subsystems can be a liability. For one thing, the host kernel widens the TCB (Trusted Computing Base) and makes for a larger attack surface. In addition, kernel data structures such as the direct memory map give Linux access to guest memory even when it is not strictly necessary and make it impossible to fully enforce the principle of least privilege. In his talk "Enhancing KVM for Guest Protection and Security" (slides [PDF]) presented at KVM Forum 2019, long-time KVM contributor Jun Nakajima explained this risk and suggested some strategies to mitigate it.

      • Bar charts for diversity

        At the Linux App Summit I gave an unconference talk titles Hey guys, this conference is for everyone. The “hey guys” part refers to excluding people from a talk or making them feel uncomfortable – you can do this unintentionally, and the take-away of the talk was that you, (yes, you) can be better.

        I illustrated this mostly with conversational distance, a favorite topic of mine that I can demonstrate easily on stage. There’s a lot of diversity in how far people stand away from strangers, while explaining something they care about.

        The talk wasn’t recorded, but I’ve put the slides up.

        Another side of diversity can be dealt with by statistics. Since I’m a mathematician, I have a big jar of peanuts and raisins in the kitchen. Late at night I head down to the kitchen and grab ten items from the jar. Darn, all of them are raisins. What are the odds!?

        Well, a lot depends on whether there are any peanuts in the jar at all; what percentage is peanuts; whether I’m actually picking things randomly or not.

        There’s a convenient tool that Katarina Behrens pointed me to, which can help figure this out. Even if there’s only a tiny fraction of peanuts in the jar, there’s an appreciable chance of getting one (e.g. change the percentage on that page to 5% and you’ll see).

    • Web Browsers

      • Mozilla

        • Firefox Picture in Picture is Sweet, Here’s How to Use it on Linux

          Picture in picture (PIP) is a novel feature that makes it a doddle to watch a video while you’re busy doing something else (like reading blog posts).

          How? It allows video content to “pop out” of a web page and play in a separate floating window (with mouse-over player controls, where possible).

          With PIP you no longer need to tear out a browser tab, resize it narrowly, and try and fit it in somewhere on your screen.

          And Firefox 72, which is currently in beta, supports this handy feature on the Linux desktop.

        • Firefox 71 Linux Performance Isn't Looking All That Great

          With each new release of Firefox we set out to see how the performance is looking on the Linux desktop. One discovery we've made is that when using Intel's Clear Linux the Firefox performance is a lot more competitive to Google Chrome than we traditionally see on Ubuntu Linux. But with Firefox 71 we're seeing the performance trending lower compared to Firefox 69 and 70.

          Here are some benchmarks of Firefox 69 / 70 / 71 builds using the official Mozilla binaries along with Chrome 78. All of the benchmarks freshly done from the same system that this time around was running Clear Linux.

        • Mozilla locks nosy Avast, AVG extensions out of Firefox store amid row over web privacy

          The Firefox extensions built by Avast have been pulled from the open-source browser's online add-on store over privacy fears.

          Adblock Plus founder Wladimir Palant confirmed this week Mozilla has taken down the Avast Online Security and Avast-owned AVG Online Security extensions he reported to the browser maker, claiming the code was snooping on users' web surfing.

          The problem, as Palant has been documenting on his blog for some time, is that the extensions – which offer to do things like prevent malware infections and phishing – may go well beyond their needed level of access to user information to do their advertised functions.

          According to Palant, the Avast extensions, when installed in your browser, track the URL and title of every webpage you visit, and how you got to that page, along with a per-user identifier and details about your operating system and browser version, plus other metadata, and then transmit all that info back to Avast's backend servers. The user identifier is not always sent, according to Palant: it may not be disclosed if you have Avast Antivirus installed.

          The rub seems to be that Avast says it needs this personal data to detect dodgy and fraudulent websites, while Palant argues the company goes too far and wanders into spyware territory. While Avast's explanation is plausible, there are much better and safer ways to check visited pages for nastiness, typically involving cryptographic hashes of URLs, than firing off all visited web addresses to an Avast server, we note.

        • Zibi Braniecki: Multilingual Gecko – 2017-2018 – Rearchitecture

          Between 2017 and 2018 we refactored a major component of the Gecko Platform – the intl/locale module. The main motivator was the vision of Multilingual Gecko which I documented in a blog post.

          Firefox 65 brought the first major user-facing change that results from that refactor in form of Locale Selection. It’s a good time to look back at the scale of changes. This post is about the refactor of the whole module which enabled many of the changes that we were able to land in 2019 to Firefox.

        • How to stop third party tracking on health sites

          This practice isn’t always unlawful, but it is creepy. Tracking by third parties happens across a wide swath of websites, but it is especially unsettling for health-related websites.

          [...]

          If you’re fed up with the level of third party tracking happening on the web, take control of your personal data with Firefox with Enhanced Tracking Protection.

          The Firefox privacy protections dashboard reveals who’s trying to track you behind the scenes and helps you stop them. To see who’s trying to track you on individual webpages, click on the shield icon to the left of the Firefox address bar. (If you don’t see the shield, here’s how to update your Firefox.)

        • Mozilla GFX: moz://gfx newsletter #49

          By way of introduction, I invite you to read Markus’ excellent post on this blog about CoreAnimation integration yielding substantial improvements in power usage if you haven’t already.

          Next steps in this OS compositor integration saga include taking advantage CoreAnimation with WebRender’s picture caching infrastructure (rendering tiles directly into CoreAnimation surfaces), as well as rendering using a similar mechanism on Windows via DirectComposition surfaces. Markus, Glenn and Sotaro are making good progress on all of these fronts.

        • JSConf JP 2019 - Tokyo, Japan

          I do not step often in JavaScript conference. The language is not my cup of tea. I go through minified, obfuscated broken code every day for webcompat work. JavaScript switched from language that "makes Web page inaccessible and non performant" to "waste of energy, cpu, and nightmare to debug".

          But this last week-end, I decided to participate to JSConf JP 2019 and I had a good time. I met cool and passionate people. I also felt old. You will understand later why.

        • DeepSpeech 0.6: Mozilla’s Speech-to-Text Engine Gets Fast, Lean, and Ubiquitous

          The Machine Learning team at Mozilla continues work on DeepSpeech, an automatic speech recognition (ASR) engine which aims to make speech recognition technology and trained models openly available to developers. DeepSpeech is a deep learning-based ASR engine with a simple API. We also provide pre-trained English models.

          Our latest release, version v0.6, offers the highest quality, most feature-packed model so far. In this overview, we’ll show how DeepSpeech can transform your applications by enabling client-side, low-latency, and privacy-preserving speech recognition capabilities.

        • AiC: Improving the pre-RFC process

          I want to write about an idea that Josh Triplett and I have been iterating on to revamp the lang team RFC process. I have written a draft of an RFC already, but this blog post aims to introduce the idea and some of the motivations. The key idea of the RFC is formalize the steps leading up to an RFC, as well as to capture the lang team operations around project groups. The hope is that, if this process works well, it can apply to teams beyond the lang team as well.

          [...]

          In general, you can think of the RFC process as a kind of “funnel” with a number of stages. We’ve traditionally thought of the process as beginning at the point where an RFC with a complete design is opened, but of course the design process really begins much earlier. Moreover, a single bit of design can often span multiple RFCs, at least for complex features – moreover, at least in our current process, we often have changes to the design that occur during the implementation stage as well. This can sometimes be difficult to keep up with, even for lang-team members.

          This post describes a revision to the process that aims to “intercept” proposals at an earlier stage. It also proposes to create “project groups” for design work and a dedicated repository that can house documents. For smaller designs, these groups and repositories might be small and simple. But for larger designs, they offer a space to include a lot more in the way of design notes and other documents.

          Assuming we adopt this process, one of the things I think we should be working on is developing “best practices” around these repositories. For example, I think that for every non-trivial design decision, we should be creating a summary document that describes the pros/cons and the eventual decision (along with, potentially, comments from people who disagreed with that decision outlining their reasoning).

    • Productivity Software/LibreOffice/Calligra

      • Fixed a terrible [LibreOffice] regression

        There was a bug tdf#128133 about "muddy fonts in LibreOffice GUI with 125% scale in Windows". I have 125% scaled GUI on all my machines with Windows because I have a bad vision. And that bug was very terrible for me. The bug was a regression but we have couldn't to find a bad commit using bibisect process. We just have had wrong result.

      • [LibreOffice] Celebrating International Volunteer Day

        Today is International Volunteer Day. All around the world, volunteers give their time and energy to help many different causes – including free and open source software projects like LibreOffice.

        Indeed, LibreOffice wouldn’t be where it is today, without the incredibly valuable help of hundreds of volunteers in the last decade. So to everyone who has contributed to our project and community over the years, we at The Document Foundation want to say a big thank you! Your work has helped many millions of LibreOffice users around the world benefit from powerful, open and multilingual productivity tools.

    • FSF

      • The FSF tech team: doing more for free software

        At the Free Software Foundation (FSF), we like to set big goals for ourselves, keeping a relatively small group of dedicated activists determined to cover a lot of ground in a short time.The FSF tech team, for example, has just four members -- two senior systems administrators, one Web developer, and a part-time chief technology officer -- yet we manage to run over 120 virtual servers. These run on about a dozen machines hosted at four different data centers. These include many public-facing Web sites and community services, as well as every single IT requirement for the staff: workstations, data storage and backup, networking, printing, accounting, telephony, email, you name it.

        We don't outsource any of our daily software needs because we need to be sure that they are done using only free software. Remember, there is no "cloud," just other people's computers. For example: we don't outsource our email, so every day we send over half a million messages to thousands of free software hackers through the community mailing lists we host. We also don't outsource our Web storage or networking, so we serve tens of thousands of free software downloads -- over 1.5 terabytes of data -- a day. And our popularity, and the critical nature of the resources we make available, make us a target for denial of service attacks (one is ongoing as we write this), requiring constant monitoring by the tech team, whose members take turns being ready for emergency work so that the resources our supporters depend on stay available.

        As hard as we work, we still want to do more, like increasing our already strict standards on hardware compliance, so in 2020, we will finish replacing the few remaining servers that require a non-free BIOS. To be compliant to our own high standards, we need to be working with devices that are available through Respects Your Freedom retailers. We plan to add new machines to our farm, so that we can host more community servers like the ones we already host for KDE, SugarLabs, GNU Guix, Replicant, gNewSense, GNU Linux-Libre, and FSFLA. We provide completely virtual machines that these projects use for their daily operations, whether that's Web hosting, mailing lists, software repositories, or compiling and testing software packages.

        We know that many software projects and individual hackers are looking for more options on code hosting services that focus on freedom and privacy, so we are working to set up a public site that anybody can use to publish, collaborate, or document their progress on free software projects. We will follow strict criteria to ensure that this code repository hosts only fully free software, and that it follows the very best practices towards freedom and privacy.

      • What's new in the GNU Press Shop

        Greetings from the GNU Press Shop! This is an update on what's new and exciting at the Free Software Foundation's (FSF) online store, your source for GNU apparel, programming manuals, and more. We know at this time of year you'll be looking for GNU gifts for your favorite free software enthusiasts, and we have some terrific new picks for you to choose from! For holiday gifting, shipped within the US, we recommend placing your order before December 17th.

        For starters, we've got just the thing for the chilly season: we have replaced our extended selection of hooded sweatshirts with a single, user-friendly zip-up design. It still comes in our signature maroon color, but with an all-new "happy computer" graphic by the FSF's superstar 2019 intern Valessio Brito. Between this sweatshirt and the satisfying feeling of helping spread the word about software freedom, we think you'll be quite warm and cozy this winter.

      • FSFE

        • Report from the 2019 FSFE Community Meeting in Bolzano, Italy

          Report from the 2019 FSFE Community Meeting in Bolzano, Italy This year's FSFE Community Meeting took place from Friday 15 November to Saturday 16 November 2019 as part of SFSCon - an annual Free Software event in the city of Bolzano in South Tyrol, Italy. As in previous editions, embedding our community meeting in another event gave us the opportunity to meet different parts of our own community as well as to connect with people from other communities.

          On Friday, SFScon started officially and the NOI Techpark transformed into the interim capital of Free Software with talks and booths. Of course, the FSFE booth was also part of it and the booth team commandeered the whole area by installing a balloon chain and putting up posters. The rumours that the booth team gave away free pizza (not as in freedom) to gain more attention, are highly exaggerated, though.

    • Programming/Development

      • This Week in Rust 315

        Hello and welcome to another issue of This Week in Rust! Rust is a systems language pursuing the trifecta: safety, concurrency, and speed. This is a weekly summary of its progress and community. Want something mentioned? Tweet us at @ThisWeekInRust or send us a pull request. Want to get involved? We love contributions.

      • Python

        • Adding Notifications to Long-Running Jupyter Notebook Cells

          If you use Jupyter Notebook to run long-running processes, such as machine learning training, then you would probably like to know when the cell finishes executing. There is a neat browser plugin that you can use to help solve this issue called jupyter-notify. It will allow you to have your browser send a pop-up message when the cell finishes executing.

        • #100DaysOfCode, Day 015 – Quick and Dirty Web Page Download

          I wanted to write a program that would just get the latest comic from turnoff.us and save the picture to a file.

        • Mozilla and Chan Zuckerberg Initiative to support pip
        • Creating Palindromes -- if possible -- from a string of letters.

          I don't like the idea of Union[str, int] as a return type from this function. Yes, it's valid Python, but it seems like a code smell. Since the intent is to build lists, a None would be more sensible than a number; we'd have Optional[str] which seems better overall.

          The solution that was posted was interesting. It did way too much work, but it was acceptable-looking Python. (It started with a big block comment with "#" on each line instead of a docstring, so... there were minor style problems, but otherwise, it was not bad.)

        • Functional programming design pattern: Nested Iterators == Flattening

          Here's a functional programming design pattern I uncovered. This may not be news to you, but it was a surprise to me. It cropped up when looking at something that needs parallelization to reduced the elapsed run time.

        • List Comprehensions in Python

          A list is one of the fundamental data types in Python. Every time you come across a variable name that's followed by a square bracket [], or a list constructor, it is a list capable of containing multiple items, making it a compound data type. Similarly, it is also a breeze to declare a new list and subsequently add one or more items to it.

        • Python if else demo

          A simple kata from codewars will show us how to use the if-else statement in python.

          The wide mouth frog is particularly interested in the eating habits of other creatures.

          He just can’t stop asking the creatures he encounters what they like to eat. But then he meets the alligator who just LOVES to eat wide-mouthed frogs!

          When he meets the alligator, it then makes a tiny mouth.

    • Standards/Consortia

  • Leftovers

    • Protest Song Of The Week: ‘She Showed Me Love’ By Neil Young and Crazy Horse

      In an interview for MOJO Magazine, Neil Young said it is a “hell of a time to be alive. I wouldn’t wish what’s gonna happen on my grandchildren, and even my children. I’ll probably be here long enough to see the very beginning of the devastation.” That is, “unless we do something to change it.” The rage from Young is personal. In 2018, he lost a home in Malibu, California, to a wildfire. It prompted the longtime musician to rant against President Donald Trump for his deadly climate change denial. Young and his band, Crazy Horse, recently released “Colorado,” an album filled with lyrics that attend to the environmental devastation surrounding us. Of particular note is a 13-minute jam called “She Showed Me Love.” On the track, Young sings about what Mother Nature has taught him. He recognizes the light that she brings. But Young protests against the “old white guys trying to kill mother nature.” As he fumes over what MOJO describes as a “staccato stomp,” Young pays tribute to the youth that are “fighting to save Mother Nature.” They are demonstrating, taking a stand for themselves, and recognize the importance of saving the planet, even if their parents or grandparents do not share their urgency. Later, Young sings about “Mother Nature pushing Earth in a baby carriage.” It’s his way of calling attention to how the environment nurtures life. Crazy Horse has been around for fifty years, backing up Young when he called on them. Young feels like cosmic forces align when he plays with the Horse. He can sing and talk about things that other people may not want to support. Beginning in 2015, Young worked with Lukas Nelson and the Promise of The Real. They were his backing band for the album, “The Monsanto Years,” which had the agribusiness panicking. They conducted an intelligence operation out of a “fusion center” to figure out whether it was worth it to pursue legal action. (Nelson is the son of country music legend Willie Nelson.)Yet, there is so much history with Crazy Horse, and guitarist Nils Lofgren returned for “Colorado.” He had not been on a Crazy Horse album since 1971. He helped create that feeling of being waist deep in the muck, which permeates “She Showed Me Love.”

    • Most Dutch Turn TV Off, Put Phone Away for Dinner
    • Science

      • How do Russian HIV deniers operate, and would a newly proposed bill banning HIV denial actually stop them?

        At the end of November, Russia’s Health Ministry introduced a bill into the country’s State Duma that would ban HIV denialism. The bill would amend an existing law called “On the Prevention of the Spread of HIV Infections” to forbid the distribution of “inaccurate information about the effect of HIV infection on one’s health.” That information would fall into three possible categories: denying the existence of HIV, denying its relationship with AIDS, and denying the existence of prevention and treatment methods for the virus. HIV denial is not an exclusively Russian phenomenon — supporters of the ideology can be found in Africa and the United States as well — but Russia appears to be the first country with a shot at introducing fines for expressing denialist beliefs and blocking the webpages of deniers themselves. Given that absence of international precedent, it is very difficult to predict the effectiveness and the possible unintended consequences of measures like the new denial ban. Alexander Yershov spoke with Pyotr Meylakhs, a senior sociology and public health scholar specializing in HIV denialism at the Higher School of Economics, about the Russian HIV denialist community and about whether the Health Ministry’s new bill will really help correct its falsehoods.

      • The current state of blockchain and where it's going

        However, private, permissioned ledgers will not be suited to all use cases. There need to be improvements in general to permissionless networks' capacity to manage more events at a time. This leads us to where the most ambitious work might be happening: consensus mechanisms.

        Getting all participants to come to a consensus on the "truth" of all the transactions (i.e., the changes) that happen on the network and on their order is one of the great difficulties of distributed systems. As a type of distributed system, blockchains inevitably contend with it, too.

        Bitcoin's solution is to organize a race every 10 minutes to solve a computational puzzle and let the winner settle what transactions happened in the last time period and in which order, which everyone else can then easily verify and agree on. By virtue of the kind of puzzle used, the winner is essentially random, but the problem with this "Nakamoto-style proof of work" is that the puzzles used in this race also require horrendously high computational resources to solve (by design), and the work of everyone but the winner is thrown away after each round.

        While it is secure, proof of work is also energy-consuming and slow.

        What we need are better consensus mechanisms that will allow participants of blockchain networks to come to agreement more efficiently, making it possible for the whole system to process more events per second.

        Ethereum, notably, is working on numerous innovations to solve these limitations. First of all, it plans to let go of proof of work to move to a proof of stake consensus mechanism, often referred to as the Casper protocol. It uses economic incentives and disincentives to get the nodes to secure the network and make cheating (very) costly.

        Another problem a blockchain that can execute smart contracts must contend with is how the execution of code is guaranteed to be correct and what impact this has on the processing capacity of the overall network. Currently, Ethereum requires each validating node to execute the code to verify that the results offered by other nodes are correct. This poses scalability issues, as the greater the success of the Ethereum "world computer," the more code validators need to check: all the nodes need to agree on the order and the validity of each line of code executed and will inevitably be held back by the slowest node.

        One of the options to alleviate this issue is sharding, a solution where only part of the network executes the code and returns results the rest of the network can verify.

        Pushing this idea further, ZEXE, a project by the team behind Zcash, deals with this situation by making it possible to submit the result of the execution of code along with a cryptographic proof that the result is correct. Other nodes can then take this proof and check it very quickly without redoing the computation. This, combined with bounties for proving results wrong, creates a system where code can be executed by a single node and checked by many, and it makes for a clever way of speeding up the execution of distributed applications (dapps).

        Consensus in distributed systems is not exactly a new research field, but as blockchains have become popular, there has been renewed interest in consensus research. I could mention many more (Tendermint, Ouroboros, and Algorand come to mind), but I'll offer one other interesting approach regarding consensus: consensus agility. For instance, Hyperledger Sawtooth can change consensus on the fly, "putting all blockchain configuration on the chain itself." This makes it possible to start a network using a given consensus mechanism and switch to a different, more adapted one when the network and its users have changed, say going from a small-scale deployment to a large consortium.

        This is starting to shed light on an important aspect of the evolution of blockchains: modularity. While the first projects were very tightly integrated, over time, efforts have been made to separate the different layers: networking, consensus, application, and even information storage.

    • Amazon

      • AWS announces new ARM-based instances with Graviton2 processors

        AWS, the cloud division of Amazon, just announced the next generation of its ARM processors, the Graviton2. This is a custom chip design with a 7nm architecture. It is based on 64-bit ARM Neoverse cores.

        Compared to first-generation Graviton processors (A1), today’s new chips should deliver up to 7x the performance of A1 instances in some cases. Floating point performance is now twice as fast. There are additional memory channels and cache speed memory access should be much faster.

        The company is working on three types of Graviton2 EC2 instances that should be available soon. Instances with a “g” suffix are powered by Graviton2 chips. If they have a “d” suffix, it also means that they have NVMe local storage.

      • Gravitons reign, yo: A screaming comes across the sky and all across the Neoverse

        The first generation of Arm-based EC2 servers, dubbed A1, used AWS's Graviton1 processor line, which debuted a year ago. Based on 16 64-bit Arm Cortex-A72 cores clocked at 2.3GHz, they were designed to provide cost savings over x86-based microprocessors for specific applications like web servers, microservices, data and log processing, and other workloads suited to small cores and limited memory requirements.

      • Finally: AWS Gives Servers A Real Shot In The Arm

        Finally, we get to test out how well or poorly a well-designed Arm server chip will do in the datacenter. And we don’t have to wait for any of the traditional and upstart server chip makers to convince server partners to build and support machines, and the software partners to get on board and certify their stacks and apps to run on the chip. Amazon Web Services is an ecosystem unto itself, and it owns a lot of its own stack, so it can just mike drop the Graviton2 processor on the stage at re:Invent in Las Vegas and dare Marvell, Ampere, and anyone else who cares to try to keep up.

      • Datacoral announces HIPAA compliance, Data & Analytics competency and Amazon Linux 2 certification

        Today at AWS re:Invent, Datacoral, a provider of data pipeline infrastructure, announced three newly achieved AWS and government standard milestones that reinforce long term commitments to data security and AWS best practices. Datacoral has achieved HIPAA compliance, earned its Data & Analytics competency as an APN Advanced Technology Partner, and certified their support for Amazon Linux 2.

    • Health/Nutrition

    • Integrity/Availability

      • Proprietary

        • The rise, disappearance, and retirement of Google co-founders Larry Page and Sergey Brin

          In that context, it’s important to look back at the big moments in both men’s careers and how the actions they took have had an outsized impact not just on the tech industry, but on the internet and society itself. What Page and Brin have built will likely last for decades to come, and knowing how Google got to where it is today will be an important piece in the puzzle of figuring out where it goes in the future.

        • CERN selects Juniper Networks to increase data centres capacity

          The European Organization for Nuclear Research (CERN) has deployed Juniper Networks networking solutions to increase the capacity of its data centres and technical network to adapt to increasing research requirements.

        • Pseudo-Open Source

          • Privatisation/Privateering

            • Linux Foundation

              • The Foundational Era of Open Source

                Between 2012 and 2015, though, we passed into a new, modern era of open source software that I call the Foundational era of open source. Open source projects were given to community-owned, non-profit foundations to manage and nourish—organizations such as the Linux Foundation, the folks behind Cloud Native Computing Foundation and the Continuous Delivery Foundation; Cloud Foundry Foundation; The Apache Foundation; and the Eclipse Foundation (one of the early entrants, even if IBM did come to dominate it) took over the stewardship of many open source projects.

                This has ushered in a truly golden age of open source software that has seen open source become the dominant form of software in the world. The Foundational era of open source has flourished for several reasons. For one, now multiple commercial entities can contribute code without worrying that it is for the exclusive benefit of just one company. What’s more, these foundations have a mix of vendors, practitioners and large enterprise users that really do allow for the democratization of open source at levels not seen before. Also, there is a process of incubation to graduation that these projects are put through that help them evolve and grow.

        • Security

          • Ubuntu Linux Gets Intel Microcode Update to Fix CPU Hangs

            Canonical has released a new Linux Intel microcode update for Ubuntu that fixes an issue causing Intel Skylake CPUs to hang after a warm reboot.

            On November 12th, 2019, new Intel microcodes were released to mitigate a vulnerability discovered in the Transactional Synchronization Extensions (TSX) feature in Intel processors and a vulnerability in Intel Xeon processors that could lead to a denial of service attack from a local privileged user.

          • Security updates for Wednesday

            Security updates have been issued by CentOS (389-ds-base, ghostscript, kernel, and tcpdump), Debian (libonig), Fedora (clamav, firefox, and oniguruma), openSUSE (calamares, cloud-init, haproxy, libarchive, libidn2, libxml2, and ucode-intel), Scientific Linux (SDL and tcpdump), Slackware (mozilla), and Ubuntu (haproxy, intel-microcode, and postgresql-common).

          • Samba Patch Caps Busy Year for IBM i Security

            IBM last week patched a moderately severe security flaw in IBM i’s Samba implementation that could enable hackers to access data they really shouldn’t be able to access. The disclosure caps a rather busy second half of the year for security patches on IBM i that saw 26 emergency PTFs and Yum updates for Node.js, Python, the Apache HTTP Server, OpenSSL, ISC Bind, IBM Navigator, and even Db2 Mirror for IBM i.

            On November 26, IBM issued this security bulletin to let people know about the new flaw in the Samba client. The flaw could allow a hacker to not only access files and folders on the affected server that are outside of the SMB network pathnames, but to also create files outside of the working directory, according to IBM’s description. The flaw, which carries a CVSS Base Score of 5.3, was fixed with a series of PTFs for IBM i 7.2, 7.3, and 7.4.

            It was the second patch that month, with the first coming on November 4, when IBM issued a security bulletin that discussed four separate vulnerabilities in Python that impact IBM i versions 7.2 through 7.4. All of the Python vulnerabilities are in the open source programing language, which runs on IBM i via the PASE Unix runtime, and not in any code that’s unique to IBM i.

          • RSA-240 Factored

            We are pleased to announce the factorization of RSA-240, from RSA's challenge list, and the computation of a discrete logarithm of the same size (795 bits): [...]

          • Senators sound alarm on dangers of ransomware attacks after briefing [iophk: Windows TCO]

            Sen. Gary Peters (D-Mich.), another member of the Cybersecurity Caucus and the top Democrat on the chamber's Homeland Security and Governmental Affairs Committee, told reporters that while he was not at the briefing on Wednesday, he would support holding a public hearing on ransomware threats.

          • Ransomware attacks on business, government pick up pace

            Ransomware attacks on businesses and governments will continue at a more rapid pace, thanks to newly found security vulnerabilities, according to one global security firm which forecasts further increases in ransomware attacks and VPN “scandals” in 2020 and beyond.

          • ThreatList: A Third of Biometric Systems Targeted by Malware in Q3 [iophk: Windows TCO]

            Kaspersky researchers found that in the third quarter, one in three (37 percent) of computers within the firm’s telemetry that collect, process and store biometric data were targeted by malware attacks. The malware in question included spyware and remote access trojans (RATs), which accounted for 5.4 percent of all computers analyzed; followed by malware used in phishing attacks (5.1 percent), ransomware (1.9 percent) and trojan bankers (1.5 percent).

          • Biometric data processing and storage system threats

            Thirdly (and most importantly), biometric data, once compromised, is compromised for good: users cannot change their stolen fingerprints the way they do stolen passwords. What’s more, biometric data may turn out to be compromised for all applications at the same time. An individual will therefore potentially be affected for the rest of his or her life.

            Given all of the issues above, it is remarkable how careless biometric authentication system developers and users are about protecting these systems and the biometric data collected by them against computer attacks.

          • Security updates for Thursday

            Security updates have been issued by Arch Linux (firefox), Fedora (cyrus-imapd, freeipa, haproxy, ImageMagick, python-pillow, rubygem-rmagick, sqlite, squid, and tnef), openSUSE (haproxy), Oracle (microcode_ctl), and Ubuntu (squid, squid3).

          • Aviatrix VPN vulnerability left user endpoints wide open

            Aviatrix, a supplier of open source enterprise virtual private networks (VPNs) to customers including BT, Nasa and Shell, has patched a serious vulnerability in its client that could have given an attacker escalation privileges on a machine to which they already had access.

            The vulnerability was uncovered by Immersive Labs researcher and content engineer Alex Seymour, after noticing that the VPN client was unusually verbose when booting on a Linux machine.

            Its disclosure comes hot on the heels of government warnings about the possibility of state-sponsored threat actors targeting high-profile organisations through VPN vulnerabilities in products from the likes of Pulse Secure, Palo Alto Networks and Fortinet.

          • OpenBSD

            • Authentication vulnerabilities in OpenBSD

              We discovered an authentication-bypass vulnerability in OpenBSD's authentication system: this vulnerability is remotely exploitable in smtpd, ldapd, and radiusd, but its real-world impact should be studied on a case-by-case basis. For example, sshd is not exploitable thanks to its defense-in-depth mechanisms.

            • OpenBSD patches authentication bypass, privilege escalation vulnerabilities

              OpenBSD has patched four vulnerabilities including privilege escalation flaws and a remotely exploitable authentication bypass.

              OpenBSD is an open source Unix operating system based on Berkeley Software Distribution (BSD) and built with security in mind. On Wednesday, Qualys Research Labs revealed the existence of four vulnerabilities in the OS that were first privately reported in the interest of responsible disclosure.

            • OpenBSD Multiple Authentication Vulnerabilities

              Multiple authentication vulnerabilities in OpenBSD have been disclosed by Qualys Research Labs. The vulnerabilities are assigned following CVEs: CVE-2019-19522, CVE-2019-19521, CVE-2019-19520, CVE-2019-19519. OpenBSD developers have confirmed the vulnerabilities and also provided a quick response with patches published in less than 40 hours.

            • Severe Auth Bypass and Priv-Esc Vulnerabilities Disclosed in OpenBSD

              OpenBSD, an open-source operating system built with security in mind, has been found vulnerable to four new high-severity security vulnerabilities, one of which is an old-school type authentication bypass vulnerability in BSD Auth framework.

            • OpenBSD Hit with Authentication, LPE Bugs

              An authentication bypass and three local privilege-escalation (LPE) bugs have been uncovered in OpenBSD, the Unix-like open-source operating system known for its security protections.

              The most severe of the vulnerabilities is the bypass (CVE-2019-19521), which is remotely exploitable.

              OpenBSD uses BSD authentication, which enables the use of passwords, S/Key challenge-and-response authentication and Yubico YubiKey tokens. In each of these cases, to perform the authentication, the string “/usr/libexec/auth/login_style [-v name=value] [-s service] username class” is used. If an attacker specifies the username “-schallenge” (or “-schallenge:passwd,” the authentication is automatically successful and therefore bypassed.

          • Privacy/Surveillance

            • Legitimised Surveillance: Kim Dotcom’s Case Against GCSB

              Surveillance activities and the law are often at loggerheads. The former specialises in destroying privacy; the latter, in so far as it might be adequate, sometimes furnishes a means of preserving it. When it comes to exposing overly-eager surveillance activity, obstacles arise. Ironically, the privacy of agents, and the sacrosanct nature of their abuse, become points of issue. Public interest tests are employed, often against the public. To expose such conduct might be to compromise the State apparatus altogether.

            • 'A Damning Indictment': Global Poll Shows 71% Support Regulation of Tech Giants to Protect Data Privacy

              "People want to see an end to tech companies trampling over our right to privacy."

            • iPhone 11 Pro phones home with user location even when told not to

              Security researcher Brian Krebs recently showed that the iPhone 11 Pro tracks users’ location even when explicitly told not to. As of iOS 13.2.3, this is still active. While it’s usually only asked in half jest, half conjecture… The question: “Is my iPhone tracking me?” has a disturbing new and verified answer.

            • Amazon let cops see a heatmap of Ring doorbell users in their area

              The folks at Cnet reviewed public documents from the Rolling Meadows Police Department in Illinois that were obtained by privacy researcher Shreyas Gandlur, which showed the US bacon had a heat map of the Ring doorbells being used in a neighbourhood.

            • Ring let police view map of video doorbell installations for over a year

              Public documents from the Rolling Meadows Police Department in Illinois, obtained by privacy researcher Shreyas Gandlur and reviewed by CNET, revealed that police had access to a heat map that showed the concentration of Ring cameras in a neighborhood.

              In its default state, the heat map showed police where Ring cameras are concentrated: the darker the shade, the more the cameras. But when zoomed in, it would show light circles around individual locations, essentially outing Ring owners to police. Police could also type in specific addresses to see the cameras in the surrounding area.

            • Portland, the largest city in Oregon, plans to propose first facial recognition ban affecting private companies

              The potential of the software, however, has also drawn concern from federal lawmakers. In March, a bipartisan bill was introduced by Sens. Brian Schatz (D-Hawaii) and Roy Blunt (R-Mo.) to strengthen consumer protections by prohibiting companies that use facial recognition technology from collecting and resharing data for identifying or tracking consumers without their consent.

              At the state level, California Gov. Gavin Newsom signed a temporary ban on facial recognition technology in police body cameras in October. Detective Lou Turriaga, director of the Los Angeles Police Protective League, opposed the move.

            • Doug Belshaw: Truth, Lies, and Digital Fluency (ITHAKA: Next Wave, December 2019)

              I want to cover the existential threat that surveillance capitalist organisations present society, and how that should feed into our thinking around digital literacies. I’m also pretty dismissive of ‘digital fluency’ as I see it as an unhelpful umbrella term into which people like to fold their hopes, fears, and dreams.

    • Defence/Aggression

      • Goodbye Law and Morality, Welcome Pretend Tough!

        Who needs law, discipline, and morality? These standards mean nothing for a pay-your-doctor-for-an-excuse draft dodger who pretends he is strong and likes tough guys. We have known for years Donald Trump believes that his fame permits him to grab any pussy and do whatever € he wants. Now he boasts that he has liberated a Navy SEAL accused of stabbing to death an Arab teenager already under sedation because of previous injury.€  The boy was so skinny that his watch slid easily off his wrist. In no way ashamed of his feat, Chief Petty Officer Edward Gallagher than posed for a triumphal € photo holding his dead victim by the hair. Encouraged by Fox News, the president brags for his base that he has upended the military code of justice to protect the petty officer from punishment. Presumably the two-in-five American voters who support the president are equally indifferent to law, discipline, and basic morality.€  They may go to church on Sunday but who knows what they do they rest of the week?

      • Trump Pressured Pentagon to Give $400 Million Wall Contract to Fox News Guest

        The company of a Fox News guest repeatedly praised by President Donald Trump received a $400 million border wall construction contract from the Pentagon.

      • Iraq: New Protester Deaths Despite Order Not to Fire

        Security forces across Iraq are using lethal force against protesters despite orders to stop, Human Rights Watch said today. The orders to stop using live ammunition were issued by Adil Abd Al-Mahdi, who resigned as prime minister on November 29, 2019, but remains in office in a caretaker status. The authorities should take urgent measures to stop security forces from using excessive force against protesters.

      • Gambia: Commission Uncovers Ex-Dictator’s Alleged Crimes

        A Gambian truth commission has heard testimony that former President Yahya Jammeh was responsible for numerous grave crimes during his 22 years in office.

      • NATO Should Be Dissolved

        The three smartest words that Donald Trump€ uttered€ during his presidential campaign are “NATO is obsolete.” His adversary, Hillary Clinton,€ retorted€ that NATO was “the strongest€ military€ alliance in the history of the world.” Now that Trump has been in power, the White House€ parrots€ the same worn line that NATO is “the most successful Alliance in history, guaranteeing the security, prosperity, and freedom of its members.” But Trump was right the first time around: Rather than being a strong alliance with a clear purpose, this 70-year-old organization that is meeting in London on December 4 is a stale military holdover from the Cold War days that should have gracefully retired many years ago.

      • End the Wars, Win the Antiwar Vote

        Like anyone else who was around that day, I can tell you exactly where I was on 9/11.

    • Environment

      • You just lived through the warmest decade on record – and it's only going to get hotter

        Concentrations of carbon dioxide in the atmosphere – the greenhouse gas most responsible for global warming – hit a record level of 407.8 parts per million in 2018 and continued to rise in 2019. Carbon dioxide lasts in the atmosphere for centuries and the ocean for even longer, thus locking in climate change, the WMO said.

        And 2019 itself is on course to be the second- or third-warmest year on record, with 2016 still holding the all-time temperature record.

      • American trash

        Electronics can be hazardous when disposed of improperly, and the Basel Action Network, or BAN, investigates the underground world of the e-waste trade. The nonprofit group secretly embeds trackers in discarded devices, then hands them to recyclers to see where they end up, exposing bad practices in the process. After dropping bugged LCD monitors in Oregon, they followed along as the trackers traced a circuitous route through the summer of 2015 and into the fall.

      • How Supporters of the Green New Deal Are Showing Up for Workers

        Calls for a “just transition” have become central to a robust and revitalized environmental movement in the United States aimed at preventing climate catastrophe. The idea behind a just transition is that, as our economy shifts away from dependence on fossil fuels, the workers in the fossil fuel and related industries should be treated with dignity and respect, and guaranteed good union jobs.

      • New water for old as glaciers vanish

        Voids left as glaciers vanish could be used to store spring snowmelt and rainfall to save the valleys below from summer droughts.

      • Wealthy Countries’ Approach to Climate Change Condemns Hundreds of Millions of People to Suffer

        In Madrid, Spain, the 2019 UN Climate Change Conference—known as COP25—began on December 2. Representatives of the world’s countries gathered to discuss what is decidedly a serious problem for the planet; no one, except dangerous political forces in the neofascist right, denies the reality of climate change. What prevents a transfer from carbon-based fuel to other fuels is not the stubbornness of this or that country. The main problems are three:

      • Iceland Fights Climate Change the Same Way It Beat the Banking Crisis

        What can you do if you’re a smallish island in the North Atlantic with a lot of snow and a melting economy? Quite a lot, it turns out, if you’re prepared to put local people’s needs first.

      • Big Polluters Must Be 'Held Liable' for Destruction of Climate, Campaigners Say at COP 25

        "For decades, big polluters have gone to any lengths to block, weaken, and delay policy. That time is over."

      • Energy

        • Pacific Northwest Fights Fossil Fuel Industry’s Push for Fracked Gas

          As the fossil fuel industry works to turn the Pacific Northwest into a fossil fuel hub, a Thin Green Line stands in its way. Producer Barbara Bernstein’s latest project, “Holding the Thin Green Line,” explores how local communities are fighting the fossil fuel industry’s push for massive fracked gas projects in Washington and Oregon. In part 1, we heard about plans to build the world’s largest methanol refineries in Tacoma and Kalama, Washington. This week we hear part 2, “A View from the Blast Zone,” on the struggle to stop a massive LNG facility that is being built at the Port of Tacoma.

      • Wildlife/Nature

        • Indigenous Leader Davi Kopenawa: Bolsonaro Is Killing My People and the Amazon

          Democracy Now! sat down with Indigenous leader Davi Kopenawa, one of this year’s Right Livelihood Award honorees, along with the organization he co-founded, Hutukara Yanomami Association. Kopenawa is a shaman of the Yanomami people, one of the largest Indigenous tribes in Brazil, who has dedicated his life to protecting his culture and protecting the Amazon rainforest. He says indigenous people in the Amazon are under threat from business interests as well as politicians, including far-right President Jair Bolsonaro, who has a long history of anti-indigenous statements and policies. “He doesn’t like indigenous people. He does not want to let the Yanomami people to live at peace, protected. … What he wants is to extract our wealth to send to other countries.”

        • Climate change is causing birds to shrink, study says

          As the climate warms, birds are shrinking and their wingspans are growing, according to a new study.

        • ‘We Have Met the Enemy and He Is Us’ — December’s Most Important Environmental Books
        • Royal Forests of America

          Medieval kings of England loved to hunt. In the 11th century, William the Conqueror designated certain English forests as his hunting preserves. At a time of large-scale deforestation and land clearance for sheep-grazing, these preserves shielded trees and wildlife from destruction. This ancient method of safeguarding habitat endures in the United States as American hunters play a vital role in the protection of nature.

        • Heartbreaking pictures show starving polar bears fighting over plastic rubbish
      • Overpopulation

    • Finance

    • AstroTurf/Lobbying/Politics

      • Legal Scholar Points to Sondland Testimony as 'Most Chilling' Evidence Trump Used Power of Office for Private 'Political Benefit'

        "A candidate for president should resist foreign interference in our elections, not demand it. If we are to keep faith with the Constitution and our Republic, President Trump must be held to account."

      • Billionaire Entitlement Run Amok: the Case of Michael Bloomberg

        Michael Bloomberg, according to€ Forbes Magazine€ the 9th richest man in the world with a net worth this year of $54.7 billion, isn’t just the€ real€ billionaire candidate€ for President in 2020 (Donald Trump’s net worth is almost certainly not counted in the billions, and could be negative for all we know, since he won’t release his tax records) Bloomberg is also the€ billionaires’ candidate€ for president. That is to say, he’s not just rich, he’s their man.

      • Elizabeth Warren: Savior of a Fallen System?

        Elizabeth Warren is a neoliberal in the service of the oligarchs and plutocrats: the few and the wealthy! She stands in a long line of neoliberals who join the contemporary liberal populist parade. Long gone are the New Deal and Great Society days when at least a few social programs were enacted for some. Of course, those€ programs€ of the New Deal were generally dependent on race.

      • Is Corbyn for Christmas Just Another Stove Pipe-Dream?

        Incorporating polling over the last week up through Monday night, Jeremy Corbyn’s Labour Party and smaller center-left parties have taken over the lead in twenty-five additional United Kingdom constituency seats in the most recent update to CounterPunch‘s #10at10 election modelling. In order to allow Corbyn a real chance to become Prime Minister, Labour and the Scottish National Party (SNP) will have to repeat that success again through next Monday to give them a chance to close the deal in the final days before next Thursday’s election.

      • Bernie Sanders Has the Backing of Leftists Worldwide

        Leftist leaders from the United Kingdom to South America have a clear ally in the U.S. presidential election. In a crowded presidential primary, Bernie Sanders has distinguished himself from centrists like Joe Biden and Pete Buttigieg and even fellow progressive Elizabeth Warren by calling the ouster of Bolivia’s former President Evo Morales a coup...

      • Bolivia’s Five Hundred-Year Rebellion

        In 1781, the Bolivian indigenous leader Tupac Katari led a rebellion in which La Paz, the Spanish colonial capital of “Upper Peru,” was besieged for 109 days.The siege ended with the arrival of a Spanish army. Katari was captured, he and his wife, Bartolina Sisa, were gruesomely executed, and thousands of indigenous people were massacred. For many years this was treated as a minor event in history books, but in the latter half of the twentieth century Katari and Sisa have been celebrated as symbols of the resistance to oppression by the indigenous majority, and as martyrs in a national revolution whose time has finally come.

      • Indians Shall Not Govern

        It was a fundraiser for Peruvian sick children. Being at the main table, I was seated – uncomfotably- next to a young man who was the embassy envoy, representing one of the most corrupt governments in the Americas. “But it is for a good cause, I shall behave and talk small talk”, I kept telling myself. My good intentions did not last long.

      • Two Balls and No Strikes
      • Feelings Hurt by 'Two-Faced' Trudeau and Laughing NATO Leaders, Trump Leaves Summit Early in a Huff

        "There is nothing he hates more than important people laughing at him."

      • Ukraine? Yes. But Trump Must Also Be Impeached for Obstruction

        When the House Judiciary Committee was preparing to vote on articles of impeachment against a sitting president in the summer of 1974, a former justice of the peace from Watertown set the stage when he declared, "President Nixon's conduct in office is a case history of the abuse of presidential power."

      • Can We Get the Money Out of Politics?

        Lost amid the daily news cycle now focused on the impeachment of the president is the fact that money continues to roll in. Democratic candidates are constantly asking donors to help them meet the latest fundraising deadline, while Trump’s presidential rallies and meetings have long doubled as fundraisers.

      • WATCH LIVE: Day 6 of Trump Impeachment Hearings

        Judiciary Committee Chairman Jerrold Nadler said the hearing would offer an opportunity to "discuss the constitutional framework through which the House may analyze the evidence gathered in the present inquiry."

      • Watergate Teaches Us That Democrats Should Broaden the Impeachment Charges

        The Washington Post reports that as House Democrats prepare to move the impeachment process to the Judiciary Committee, they are now quietly debating the possible expansion of impeachment articles beyond Ukraine.

      • Why so negative? ‘BBC’ gets an inside look at how Russia’s ‘troll factory’ is trying to become a legitimate news empire

        Evgeny Prigozhin has enjoyed a special place in news headlines for several years, but 2019 was a turning point for the Russian catering magnate (who also dabbles in media and mercenaries, among other things). After countless denials that he has any connection to St. Petersburg’s infamous “troll factory” (indicted by the U.S. Justice Department for interfering in America’s 2016 presidential election) or its associated news outlets, Prigozhin recently agreed to chair the board of trustees at “Patriot,” a new organization that unifies four of these very publications: The Federal News Agency, Economics Today, Politics Today, and The People’s News. In a new investigative report for the BBC Russian Service, journalists Andrey Zakharov and Elizaveta Fokht visited Patriot’s headquarters in St. Petersburg and met with its director, Nikolai Stolyarchuk, to learn about the media group’s “positive mission.” Meduza summarizes this article below.

      • Reagan’s Forgotten Iran-Contra Escape May Reveal More About Trump’s Fate Than Watergate

        When the scandal finally broke, it was on the other side of the Atlantic, in a nation that millions of Americans couldn’t pinpoint on a map. Congress had made its intentions clear in the form of legislation, but the White House secretly ignored that to illegally pursue its own controversial agenda.

      • ALEC Is an Incubator for Efforts to Protect White Supremacy, Says New Report

        Ten years ago, a then-state senator with ties to white supremacists named Russell Pearce introduced model legislation to his colleagues in the American Legislative Exchange Council (ALEC) that would later become SB 1070, Arizona’s infamous “show me your papers” law. While legal challenges have largely defanged provisions that authorized police to racially profile Latinx people as undocumented immigrants, SB 1070 and copycats passed in five other states are considered some of the most anti-Latinx and anti-immigrant measures in recent memory.

      • Modern Family Progressive Values Put Conservatives to Shame

        In a recent New York Times’ column, Thomas Edsall defends progressives against Attorney General William Barr and other social conservatives who charge them with wanton destruction of the family. Edsall is right to call out Barr and others for “marketing apocalyptic hogwash” to get Trump reelected, but his argument concedes too much to social conservatives.

      • 'He Has a Lot of Explaining to Do': Call Records Show Devin Nunes Spoke With Giuliani Multiple Times Amid Ukraine Scheme

        "Hugely incriminating" was how one commentator described the previously undisclosed call records.

      • Republicans’ Alternative “Report” Does Nothing to Refute Impeachment Report

        After an Autumn of accusation and acrimony that included two damning weeks of testimony from a variety of witnesses, the House Intelligence Committee on Tuesday afternoon released its report documenting the impeachment investigation into the activities of Donald Trump in Ukraine. The information contained within is intended as a baseline for the drafting of articles of impeachment against Trump, a duty that will fall upon Rep. Jerrold Nadler and the members of his House Judiciary Committee shortly.

      • Trump's Actions Impeachable, Scholars Say, as Democrats Go All In
      • Trump's Rightward Shift of Federal Courts Advances as Senate Confirms Anti-Choice Sarah Pitlyk
      • Former networks boss Sari Baldauf to replace Risto Siilasmaa as Nokia chair

        She sits on the executive boards of a number of Finnish and European companies including car maker Daimler AG, energy giant Fortum, equity management firm Capman and cyber security company F-Secure. She was chair of the Fortum board until 2018.

        Nokia also nominated Sampo financial group president and CEO Kari Stadigh to become the new vice chairman.

      • [Old] High School Football Players Took a Knee Before a Game, and Opposing ‘Fans’ Threw Trash at Them [iophk: social control media in place of real sources]

        He also said that the white coaches on Denby’s sideline were called “wiggers” and that “grown men and women started spitting on our kids as they walked up the ramp. They were throwing food, cups, and whatever…. They called my student trainer a little monkey and they were saying: ‘Who let them off their leashes? They need to be on a leash. They never should have been here in the first place.’”

        After the game there were scuffles as Denby left the field, as more debris was tossed from the stands.

      • [Old] Detroit Denby coach says Almont fans hurled racial slurs at players during confrontation

        According to Denby coach Deon Godfrey, the racist remarks included the N-word and began as early as when Denby players took a knee during the national anthem before the game.

      • The Tory Election “Campaign” to Date

        The Tory election “campaign” has been precisely that– a non-campaign in which BoJo Johnson has declined to debate with his opponents or be interviewed on TV by a figure (Andrew Neil) noted for asking difficult questions and persisting with them.

      • Britain's Choice Is Socialism or Barbarism

        I am an American with a partner from England and a daughter with dual United Kingdom-U.S. citizenship. For a Yankee, I follow British politics closely.

      • Jonathan Riddell: Voting SNP in the UK Election

        I’m voting for Owen Thompson and the SNP at the UK election on December 12th. Normally for an election I would look through the manifestos and compare them along with consideration of the candidates and the party leaders to decide. But this election is a single issue election. It was called because the flawed 2016 referendum on EU membership did not ask what people wanted, it asked what they didn’t want (EU citizenship) but because there was no question asking what people did want instead it led to three years of parliament being stuck. The SNP policy is for a double proposal to have a referendum on the UK’s EU membership against the Withdrawal Deal as currently negotiated, and then to have a referendum on Scottish independence. This offers me the best chance to keep my EU citizenship and the freedoms it brings, while offering a good chance to get rid of a corrupt and pointless layer of government.

        As I’ve said before all the political parties let us down in 2016 by not effectively campaigning for EU membership and letting the racists and populists win over. They continue to let us down here on those measures. Not one party proposes to ban political advertising online as done with TV despite the well documented populism that gives. Not one seems to have a commitment to reform the rules of election and referendum campaigns to stop the illegal behaviour that Johnson’s Vote Leave campaign used in 2016. And I’ve never heard anyone point out that asking a referendum question which only says what you don’t want and not what you do want instead is a pointless question.

        But here’s a quick look at the manifestos anyway.

        SNP Good stuff about refendums, no nuclear bombs and critique of why Westminster if broken. The usual vague stuff about ending austerity without defining it and promises for the NHS with no explanation of why that public service deserves them more than every other public service. Various good ideas for things to be devolved like broadcasting or employment law. They do want to fix the voting franchise for UK elections to include non-UK EU citizens and people from age 16. They seem to think the UK government will allow an independence referendum while also de-legitimising the idea that there is no need for anyone to allow Scotland to have a referendum, this is a dangerous stance to take as well as incorrect, no other country considers that it has to ask its neighbour for permission for independence. Climate emergency comes in a bit later in the manifesto than I’d like to see but I suppose there’s not much the SNP can do at the UK level since the right layer of government for this is the EU and Scottish layers. Complying with international law to allow the return of residents of Diego Garcia is pleasingly in there but not on Catalonia. I’ve done door knocking with their candidate Owen Thompson this election who is an experienced politican from local and UK layers and I’m happy to support him.

      • UK general election poll tracker: Latest party odds and polling results in full
    • Censorship/Free Speech

      • Facebook Now Altering Users' Posts To Add Singapore Government's 'Fake News' Warnings

        Singapore's "fake news" law continues to pay off for the Singaporean government. It's already been used to target allegations made by political opposition leaders and now it's converted Facebook to an extension of the ruling government.

      • State's Rejection Of Driver's 'IMGOD' Vanity Plate Unconstitutional, Federal Court Rules

        I'm always happy to see someone add to the growing body of First Amendment/vanity license plate case law. Using a very limited amount of space, some applicants have managed to offend the delicate sensibilities of government agencies, even without using the number 5 twice to spell "A55."

      • Devin Nunes Follows Through And Sues CNN In Laughably Dumb SLAPP Suit

        As he promised last week, Rep. Devin Nunes has now sued CNN for defamation for accurately reporting what the indicted Lev Parnas's lawyers had told them about Devin Nunes. Rather than state court in Virginia, this time, Nunes' lawyer, Steven Biss filed the case in the big boy federal court in Virginia. This complaint may be the most laughable one yet of Nunes' various SLAPP suits, and I should remind you that one of them involves him suing a cow.

      • Content Moderation At Scale Is Impossible: That Time Twitter Nazis Got A Reporter Barred From Twitter Over Some Jokes

        Reporter Jon Schwarz, over at The Intercept, has yet another story of content moderation at scale gone wrong, focusing this time on Twitter and his own account. It seems that a bunch of white supremacists on Twitter got mad at him, found an old joke, taken out of context, reported it en masse, and Twitter blocked him over it. Schwarz's story is worth reviewing in detail, but I think he gets the wrong message out of it. His take is, more or less, that Twitter doesn't much care about lowly users, and can't be bothered to understand the context of things (we'll get to the details of the spat in a moment)...

      • Swedish Officials Shut Down A$AP Rocky's Prison Concert Attempt

        A$AP Rocky will be back to perform in Sweden — but a prison concert is now off the table. Sweden’s prison board ruled against the rapper’s appearance.€ 

      • Tony Robbins Crosses The Atlantic For Some Libel Tourism In Ireland; Files SLAPP Suit Against Buzzfeed

        Tony Robbins is American. Buzzfeed is an American news organization. Last week, Buzzfeed published its sixth story in an investigative series about Robbins, that included a story of Robbins allegedly sexually assaulting a high schooler at a summer camp in California. Which, last I checked [looks around quickly], is also in America. So, you might wonder why it is that Robbins has sued Buzzfeed in Ireland. Robbin's lawyer, Paul Tweed has tried to defend the decision to sue in Ireland, but I'm having trouble seeing how any of this is convincing:

      • Elon Musk tries to explain Twitter in ‘pedo guy’ defamation case

        Musk was accusing Unsworth “of being a pedophile during what should have been the proudest moment of his life,” Wilson said. In other words, according to Wilson, Musk metaphorically shat in the punch bowl.

      • Putin Signs 'Foreign Agents' Law That Threatens Website Closures

        The label will be applied to individuals who collaborate with foreign media outlets and receive financial or other material support from them.

        Should anything a foreign media outlet publish violate Russian regulations, "the new norms allow the Russian government to block the websites of foreign agents or legal entities established by them," TASS reported.

      • Kid Rock Closing Restaurant Following Tirade Against Oprah Winfrey

        Outspoken artist Kid Rock is closing his restaurant in Detroit in response to a protest against the controversial statements that he made about Oprah Winfrey and others.

    • Freedom of Information / Freedom of the Press

      • Morocco: Landmark Proposals on Individual Freedoms

        The Moroccan parliament should adopt the groundbreaking proposals made by a government-appointed body to enshrine individual freedoms, Human Rights Watch said today. In a memorandum published on October 28, 2019, the National Human Rights Council (also known by its French acronym, CNDH) recommended decriminalizing consensual sex between nonmarried adults and granting more religious freedoms.

      • Duterte Threatens to Shut Down TV Network

        President Rodrigo Duterte ramped up his attack on the Philippine media, vowing to€ block the renewal of ABS-CBN, the country’s largest and most influential broadcast network.

      • New report: Hungary dismantles media freedom and pluralism

        Hungarian journalists interviewed by the mission described a coordinated system of censorship and content control not seen since the fall of the Communist regime. They point out that Russian disinformation – a strong concern elsewhere in the region – is absent or weak in Hungary given that the public broadcaster, now deformed into a state broadcaster, effectively plays this role, together with the pro-government KESMA media group. Independent journalists are subject to pervasive discrimination by the state, denied access to publicly held information, excluded from official events and prevented or actively hindered from communicating with public officials.

    • Civil Rights/Policing

      • The Remembrance Poppy is Becoming a Weapon Against Immigrants to Canada

        Canada’s “diversity” is famous – or a bit infamous€ for the redneckers in a country larger than the US who still cannot quite accept that this is an immigrant nation.

      • The Ghost of Jimmy Hoffa Haunts American Labor

        On July 30, 1975, Jimmy Hoffa, the former president of the Teamsters Union, disappeared.

      • 'Profoundly Disturbing': William Barr Says Communities That Do Not 'Respect' Police Could Lose Protections

        Civil rights advocates viewed the attorney general's comments as a threat against communities of color that have protested police brutality and killings.

      • Prosecutors propose four-year sentence for student and YouTuber who became public face of protest persecution

        Prosecutors have asked for a four-year prison sentence in the case of 21-year-old Egor Zhukov, a student at the Higher School of Economics, a Meduza correspondent reported from the courtroom.

      • Brazil: Venezuelan Children Fleeing Alone

        Brazilian authorities are failing to provide adequate protection for hundreds of unaccompanied Venezuelan children who are fleeing into Brazil.€ 

      • Greece: Camp Conditions Endanger Women, Girls

        (Athens) – Women and girls face relentless insecurity in€ Greece’s€ overcrowded Moria “hotspot” for asylum seekers and migrants on Lesbos island, Human Rights Watch said today, releasing a€ video€ that shows the dire conditions. The Greek government should take immediate action to ensure safe, humane conditions for women and girls in line with their international human rights obligations and standards for humanitarian emergencies.

      • Australia: Press for Release of Vietnam Detainees

        The€ Australian€ government should€ publicly and privately press the€ Vietnamese€ government to overturn the convictions of€ a detained Australian and two of his Vietnamese colleagues.

      • Auditing Algorithms in New York City

        Algorithmic decision-making is becoming the new norm in New York. City agencies use computerized algorithms to make important decisions about New Yorkers’ daily lives, from€ school assignments€ to€ public benefits evaluations€ and more. But serious concerns persist on how to monitor automated systems and prevent human rights abuses.

      • UN Report Finds Over 7 Million Children Worldwide Are Being Held in Detention

        A damning United Nations report says that 7 million children are deprived of their liberty worldwide, from children imprisoned on the U.S.-Mexico border to the missing children of ISIS fighters. The Global Study on Children Deprived of Liberty says that at least 410,000 of those children are detained in jails and prisons, where violence is “endemic.” The study also found that the number of children detained in the context of armed conflict has dramatically risen. The global study was published in November, on the 30th anniversary of the Convention on the Rights of the Child, the landmark international treaty affirming the world’s commitment to protecting children. It is the most ratified U.N. Treaty in history — the United States is one of the only countries that hasn’t ratified the convention. We’re joined by Manfred Nowak, lead author of the U.N. Global Study on Children Deprived of liberty. Nowak is also a human rights lawyer and U.N. independent expert. He served as the U.N. Special Rapporteur on Torture from 2004 to 2010.

      • A Few Things From the WTO Shutdown I Carry Into the Future
      • Illinois Will Allow Prone, Supine Restraints on Children While Schools Learn to Phase Them Out

        Amending emergency rules put in place two weeks ago, the Illinois State Board of Education says it will again allow schoolchildren to be physically restrained in positions it had banned, though only in crisis situations.

        The change comes after several schools said they could no longer serve some students with behavior issues because of the new restrictions, put in place after publication of a Chicago Tribune/ProPublica Illinois investigation that found overuse and misuse of “isolated timeouts” in public schools across the state.

      • The Russian Orthodox Church now formally opposes new legislation against domestic violence

        The Russian Orthodox Church now formally opposes new draft legislation in Russia that would increase penalties on domestic violence. In an announcement by the Patriarchal Commission on Family Issues and the Protection of Motherhood and Childhood, the Church argues that the bill recently published by the Federation Council “contains a number of legal defects that make its adoption unacceptable.”

      • Local policeman in Arkhangelsk gets suspended sentence for ignoring domestic violence complaints from woman who was murdered

        A former police officer in the Russian city of Arkhangelsk has received a three-year suspended sentence after he ignored complaints from a local woman who said the man she was living with was beating and threatening her.

      • 50 Years Ago Today, Police Murdered Fred Hampton. His Activism Lives On.

        Today marks the 50th anniversary of the Chicago Police Department’s (CPD) assassination of Fred Hampton, the 21-year-old chairman of the Illinois Chapter of the Black Panther Party (BPP).

      • Fred Hampton Lives On, 50 Years After His Assassination

        Fifty years ago today, Chicago police burst into the home of Fred Hampton, chairman of the Illinois chapter of the Black Panthers. They gunned down Mark Clark, who was guarding the door, sprayed the apartment with bullets, and ran into Hampton’s room.

      • Fred Hampton on Racism and Capitalism
      • RIP Fred Hampton: a Black Visionary Assassinated by the FBI

        Fifty years ago this week, a squad of Chicago police officers killed Black Panther leaders Fred Hampton and Mark Clark in a pre-dawn raid on the apartment where they were sleeping. In the decades since, a revealing body of evidence has emerged showing that Hampton was the victim of a political assassination, sanctioned at the highest levels of the U.S. government.

      • 'Disgraceful Sham': George Zimmerman Sues Parents of Trayvon Martin, Others for $100 Million

        "Imagine killing an unarmed child and then suing his parents."

      • George Zimmerman Sues Trayvon Martin's Parents, Others for $100 Million

        George Zimmerman, the former Florida neighborhood watch volunteer who shot and killed unarmed teenager Trayvon Martin in 2012, is suing the victim’s family, prosecutors, and the media for $100 million in damages.

      • LAPD officer on leave after allegedly seen on camera fondling woman's corpse, sources say

        Sources say the officer turned off the recording on his body camera and then lifted the sheet off the woman's body and allegedly began feeling her nipples and fondling her breasts.

        He later turned the body camera recording back on. But the cameras used by the department have a video buffering that saves footage going back for two minutes prior to the recording function being activated.

      • Mass Shootings Are Connected to America’s Legacy of Anti-Indigenous Violence

        But while school administrators, psychologists, and politicians have their own theories for what’s behind the violence, there’s also one crucial detail that’s regularly left out of the conversation: The fact that the United States has a long, bloody history of mass shootings. The truth of the matter is this country was founded on colonial violence — built on the backs of black slaves and the bodies of millions of slain Native peoples.

        David Hogg, a survivor of the February 2018 Parkland mass shooting and one of the cofounders of March for Our Lives, acknowledged this reality during a recent interview with MSNBC host Chris Hayes. “If we want to talk about mass shootings, we have to recognize the massive number of Indigenous mass shootings that were committed by the United States government,” he said.

      • Senegal chaining: Head teacher receives suspended sentence

        Sending children to Koranic schools is common in Senegal, but Human Rights Watch has highlighted "alarming rates" of abuse including rape, forced begging and imprisonment in some institutions.

      • He’s a Liar, a Con Artist and a Snitch. His Testimony Could Soon Send a Man to His Death.

        When Detective John Halliday paid a visit to the Pinellas County Jail on Dec. 4, 1986, his highest-profile murder case was in trouble. Halliday, who was 35 and investigated homicides for the local sheriff’s office, had spent more than a decade policing Pinellas County, a peninsula edged by white-sugar-sand beaches on Florida’s Gulf Coast, west of Tampa. It is a place that outpaces virtually all other counties in the nation in the number of defendants it has sentenced to death. Prosecutors who pursued the biggest cases there in the 1980s relied on Halliday, who embodied the county’s law-and-order ethos. Powerfully built and 6-foot-4, with a mane of dirty blond hair and a tan mustache, he was skilled at marshaling the facts that prosecutors needed to win convictions.

        He had worked the case for the past year and a half, ever since the body of a 14-year-old girl named Shelly Boggio was found, nude, floating in an inland waterway near the town of Indian Rocks Beach. Her murder was singular in its violence. Her body bore 31 stab wounds, many of them to her hands, as if she had tried to shield herself from the ferocity of the attack. She was most likely still alive, the medical examiner determined, when she was dragged into the water and left to drown. Her older sister identified her by the silver ring, eagle-shaped and inset with turquoise, that she wore on her left hand.

    • Internet Policy/Net Neutrality

      • T-Mobile's 'Nationwide' 5G Isn't Nationwide, Only Slightly Faster Than 4G

        We've noted for a while now how mobile carriers don't seem particularly aware that they're associating 5G in the minds of American consumers with hype and bullshit. AT&T's efforts to use bogus phone icons to pretend 4G is 5G; Verizon's tendency to dramatically overstate availability; scant handset support and annoying surcharges; overly ambitious marketing means that consumers' first contact with 5G is generally one of disappointment.

      • The FCC Is Opening up Some Very Important Spectrum for Broadband

        Decisions about who gets to use the public airwaves and how they use it impact our lives every day. From the creation of WiFi routers to the public auctions that gave us more than two options for our cell phone providers, the Federal Communications Commission (FCC)’s decisions reshape our technological world. And they’re about to make another one.

        In managing the public spectrum, aka “the airwaves,” the FCC has a responsibility to ensure that commercial uses benefit the American public. Traditionally, the FCC either assigns spectrum to certain entities with specific use conditions (for example, television, radio, and broadband are “licensed uses”) or simply designating a portion of spectrum as an open field with no specific use in mind called “unlicensed spectrum,” which is what WiFi routers use.

    • Digital Restrictions (DRM)

      • The Curse of Outdated DRM Claims Another Victim, 'Tron: Evolution'

        As of this week, players who owned a legitimate copy of Tron: Evolution they paid for but never played it, no longer can. Tron: Evolution, a tie-in game for the 2010 Tron: Legacy film , used SecurRom, a form of digital rights management (DRM), and publisher Disney hasn’t paid its bill. This means Disney can no longer authenticate purchases and "unlock" copies of the game that people bought but haven't used yet.

        Players first noticed they couldn’t play the game after purchasing it in October, but a thread on Reddit today brought more attention to the issue.

        “I often buy games on sales, but don't play them immediately,” user Renusek said on Reddit. “Yesterday I decided to play Tron: Evolution, maybe even practice speedrunning it, so I install the game, try to activate it (game still uses SecuROM DRM) and... the serial key has expired (?!).”

    • Monopolies

      • Microsoft’s JEDI contract move: Those are not the cloud providers you’re looking for [iophk: glorifying illegal, anticompetive behavior]

        It’s not clear whether the president had an active hand in choosing Microsoft over Amazon. What is clear is that Microsoft made itself a viable choice, in part, by tearing a page from its old playbook: Use the power of Windows as a way to force its way into other markets.

        In decades past, Microsoft did that with great success, mowing down competitors in the markets for word processing, spreadsheets, presentation software and others. The ploy hasn’t worked in recent times, though, and Windows is no longer the core of Microsoft. The cloud is. But in this instance, it appears that Windows helped Microsoft land JEDI, which is helping the company in its efforts to catch up to Amazon in cloud market share.

      • Amazon Faces Widening U.S. Antitrust Scrutiny in Cloud Business

        AWS accounted for 60% of Amazon’s operating income in the most recently reported 12 months. The unit’s profitability in recent years has helped keep investors happy even as the company continues to spend heavily to expand both its retail and cloud-computing businesses.

      • Trademarks

        • Author Tries To Trademark The Word 'Dark' For All Of Literary Fiction

          For whatever reason, while we see a ton of instances of someone trying to trademark a word or phrase that is absolutely generic and not a source identifier, often it seems some of the most ridiculous instances come from the literary world. Why authors have such a hard time with this is perhaps not entirely mysterious. Steeped in an industry with a tradition of strong views on copyright protections, I suppose it's a short leap that those in that industry would assume trademark works the same way. After all, journalists make this mistake all the time, so why not authors?

      • Copyrights

        • GEMA Acquires a Majority Stake In Digital Distributor Zebralution

          In an unusual move, the German rights collection agency GEMA has acquired a majority interest in Zebralution, which is a digital distribution company.

        • EU Study Shows Online Piracy is Complex and Not Easy to Grasp

          The European Union Intellectual Property Office (EUIPO) has released a new study which suggests that piracy is dropping in Europe. While the research is limited to site-based piracy, it has some interesting findings. Countries with a lower average income per person visit pirate sites more often, for example. In addition, the study shows that awareness of legal options doesn't always decrease piracy.

        • Greece Jails First Pirate Site Operator For Five Years

          A man who faced four criminal prosecutions for copyright infringement has become the first person jailed in Greece for running a pirate site. After switching domains and evading enforcement efforts for a decade, the man has now been handed a five-year prison term by an Athens court.

        • Judge Orders Universal Music To Hand Over Critical 2008 Fire Evidence

          A federal judge in California has€ ordered Universal Music Group (UMG) to provide discovery evidence requested by litigating artists. The order is the latest development in a class action lawsuit filed by artists in response to the fire at the Universal Studios backlot in 2008.

        • Canadian ISP Teksavvy Fights Back Against Overbroad Copyright 'Blocking Order' For GoldTV

          A few weeks back, a Canadian court issued a shockingly broad blocking order against GoldTV, an IPTV service that copyright holders allege are engaging in piracy by offering streaming access to unauthorized TV streams. The case itself is interesting in that Bell Media and Rogers Media sued GoldTV's owners (listed as John Does) as defendants, but then also had all Canadian broadband ISPs listed as "respondents," including Bell Canada and Rogers Communications -- which almost makes this a case where Bell and Rogers are effectively suing themselves. Wacky.



Recent Techrights' Posts

Comparing U.E.F.I. to B.I.O.S. (Bloat and Insecurity to K.I.S.S.)
By Sami Tikkanen
New 'Slides' From Stallman Support (stallmansupport.org) Site
"In celebration of RMS's birthday, we've been playing a bit. We extracted some quotes from the various articles, comments, letters, writings, etc. and put them in the form of a slideshow in the home page."
Thailand: GNU/Linux Up to 6% of Desktops/Laptops, According to statCounter
Desktop Operating System Market Share Thailand
António Campinos is Still 'The Fucking President' (in His Own Words) After a Fake 'Election' in 2022 (He Bribed All the Voters to Keep His Seat)
António Campinos and the Administrative Council, whose delegates he clearly bribed with EPO budget in exchange for votes
Adrian von Bidder, homeworking & Debian unexplained deaths
Reprinted with permission from Daniel Pocock
Sainsbury’s Epic Downtime Seems to be Microsoft's Fault and Might Even Constitute a Data Breach (Legal Liability)
one of Britain's largest groceries (and beyond) chains
 
People Don't Just Kill Themselves (Same for Other Animals)
And recent reports about Boeing whistleblower John Barnett
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Monday, March 18, 2024
IRC logs for Monday, March 18, 2024
Suicide Cluster Cover-up tactics & Debian exposed
Reprinted with permission from Daniel Pocock
Gemini Links 19/03/2024: A Society That Lost Focus and Abandoning Social Control Media
Links for the day
Matthias Kirschner, FSFE: Plagiarism & Child labour in YH4F
Reprinted with permission from Daniel Pocock
Linux Foundation Boasting About Being Connected to Bill Gates
Examples of boasting about the association
Alexandre Oliva's Article on Monstering Cults
"I'm told an earlier draft version of this post got published elsewhere. Please consider this IMHO improved version instead."
[Meme] 'Russian' Elections in Munich (Bavaria, Germany)
fake elections
Sainsbury's to Techrights: Yes, Our Web Site Broke Down, But We Cannot Say Which Part or Why
Windows TCO?
Plagiarism: Axel Beckert (ETH Zurich) & Debian Developer list hacking
Reprinted with permission from Daniel Pocock
Links 18/03/2024: Putin Cements Power
Links for the day
Flashback 2003: Debian has always had a toxic culture
Reprinted with permission from Daniel Pocock
[Meme] You Know You're Winning the Argument When...
EPO management starts cursing at everybody (which is what's happening)
Catspaw With Attitude
The posts "they" complain about merely point out the facts about this harassment and doxing
'Clown Computing' Businesses Are Waning and the Same Will Happen to 'G.A.I.' Businesses (the 'Hey Hi' Fame)
decrease in "HEY HI" (AI) hype
Free Software Needs Watchdogs, Too
Gentle lapdogs prevent self-regulation and transparency
Matthias Kirschner, FSFE analogous to identity fraud
Reprinted with permission from Daniel Pocock
Gemini Links 18/03/2024: LLM Inference and Can We Survive Technology?
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Sunday, March 17, 2024
IRC logs for Sunday, March 17, 2024
Links 17/03/2024: Microsoft Windows Shoves Ads Into Third-Party Software, More Countries Explore TikTok Ban
Links for the day
Molly Russell suicide & Debian Frans Pop, Lucy Wayland, social media deaths
Reprinted with permission from Daniel Pocock
Our Plans for Spring
Later this year we turn 18 and a few months from now our IRC community turns 16
Open Invention Network (OIN) Fails to Explain If Linux is Safe From Microsoft's Software Patent Royalties (Charges)
Keith Bergelt has not replied to queries on this very important matter
RedHat.com, Brought to You by Microsoft Staff
This is totally normal, right?
USPTO Corruption: People Who Don't Use Microsoft Will Be Penalised ~$400 for Each Patent Filing
Not joking!
The Hobbyists of Mozilla, Where the CEO is a Bigger Liability Than All Liabilities Combined
the hobbyist in chief earns much more than colleagues, to say the least; the number quadrupled in a matter of years
Jim Zemlin Says Linux Foundation Should Combat Fraud Together With the Gates Foundation. Maybe They Should Start With Jim's Wife.
There's a class action lawsuit for securities fraud
Not About Linux at All!
nobody bothers with the site anymore; it's marketing, and now even Linux
Links 17/03/2024: Abuses Against Human Rights, Tesla Settlement (and Crash)
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Saturday, March 16, 2024
IRC logs for Saturday, March 16, 2024
Under Taliban, GNU/Linux Share Nearly Doubled in Afghanistan, Windows Sank From About 90% to 68.5%
Suffice to say, we're not meaning to imply Taliban is "good"
Debian aggression: woman asked about her profession
Reprinted with permission from Daniel Pocock
Gemini Links 17/03/2024: Winter Can't Hurt Us Anymore and Playstation Plus
Links for the day